Improper Certificate Validation in ProFTPD and Fedora - CVE-2019-19270
Published: November 26, 2019 / Updated: September 7, 2020
Vulnerability identifier: #VU35035
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2019-19270
CWE-ID: CWE-295
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: ProFTPD
Fedoraproject
Fedoraproject
Affected software:
ProFTPD
Fedora
ProFTPD
Fedora
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to manipulate data.
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server.
How to mitigate CVE-2019-19270
Install update from vendor's website.
Sources
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html
- https://github.com/proftpd/proftpd/issues/859
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGBBCPLJSDPFG5EI5P5G7P4KEX7YSD5G/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QR65XUHPCRU3NXTSFVF2J4GWRIHC7AHW/