AnNyung Official Homepage


proftpd emergency security update
FTP access is not possible with a web browser.

Document number : 1291395965
Updated : 2010.12.04


Details

1.3.3c-2 update

-------------** SECURITY ISSUE **--------------
Update as soon as you see this!!!!!!!!!!!!!!!!!!
-----------------------------------------------

Backdoor fix:

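    On 2010/12/01 it was announced that versions 1.3.2e and 1.3.3c distributed
    from the ProFTPd official site had been shipped with a backdoor planted in them.

    1.3.2e and 1.3.3c are the versions that fix the serious security bug
    CVE-2010-3867. The ProFTPd official server was broken into by a cracker through
    this bug, and the cracker planted a backdoor in versions 1.3.2e and 1.3.3c.

    According to Saunders, anyone who downloaded these versions from the official
    site or an official mirror between 2010/11/28 and 2010/12/01 (UTC) may have
    received a backdoored copy. We have confirmed that the 1.3.3c-1 package updated
    on the 29th was also affected, so we are issuing this emergency update.

    The following is the full text of the message the ProFTPd developers sent to
    the mailing list.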


    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    ProFTPD Compromise Report
    
    On Sunday, the 28th of November 2010 around 20:00 UTC the main
    distribution server of the ProFTPD project was compromised.  The
    attackers most likely used an unpatched security issue in the FTP daemon
    to gain access to the server and used their privileges to replace the
    source files for ProFTPD 1.3.3c with a version which contained a backdoor.
    The unauthorized modification of the source code was noticed by
    Daniel Austin and relayed to the ProFTPD project by Jeroen Geilman on
    Wednesday, December 1 and fixed shortly afterwards.
    
    The fact that the server acted as the main FTP site for the ProFTPD
    project (ftp.proftpd.org) as well as the rsync distribution server
    (rsync.proftpd.org) for all ProFTPD mirror servers means that anyone who
    downloaded ProFTPD 1.3.3c from one of the official mirrors from 2010-11-28
    to 2010-12-02 will most likely be affected by the problem.
    
    The backdoor introduced by the attackers allows unauthenticated users
    remote root access to systems which run the maliciously modified version
    of the ProFTPD daemon.
    
    Users are strongly advised to check systems running the affected code for
    security compromises and compile/run a known good version of the code.
    To verify the integrity of the source files, use the GPG signatures
    available on the FTP servers as well on the ProFTPD homepage at:
    
      http://www.proftpd.org/md5_pgp.html.
    
    The MD5 sums for the source tarballs are:
    
     8571bd78874b557e98480ed48e2df1d2  proftpd-1.3.3c.tar.bz2
     4f2c554d6273b8145095837913ba9e5d  proftpd-1.3.3c.tar.gz
    
    The PGP signatures for the source tarballs are:
    
     proftpd-1.3.3c.tar.bz2:
    
       -----BEGIN PGP SIGNATURE-----
       Version: GnuPG v1.4.9 (GNU/Linux)
    
       iEYEABECAAYFAkzLAWYACgkQt46JP6URl2qu3QCcDGXD+fRPOdKMp8fHyHI5d12E
       83gAoPHBrjTFCz4MKYLhH8qqxmGslR2k
       =aLli
       -----END PGP SIGNATURE-----
    
     proftpd-1.3.3c.tar.gz:
    
       -----BEGIN PGP SIGNATURE-----
       Version: GnuPG v1.4.9 (GNU/Linux)
    
       iEYEABECAAYFAkzLAW0ACgkQt46JP6URl2ojfQCfXy/hWE8G5mhdhdLpaPUZsofK
       pO8Anj+uP0hQcn1E/CEUddI0mezlSCmg
       =e8el
       -----END PGP SIGNATURE-----
    
    The PGP key of TJ Saunders has been used to sign the source tarballs;
    it is available via MIT's public keyserver.
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.9 (GNU/Linux)
    
    iEYEARECAAYFAkz23FwACgkQt46JP6URl2pQ3QCfTWAZ8ZTGvruPD1pRJUpLM3gw
    hUsAoLI4YnmXVgUIVhU2vFWD1rOYffEY
    =3m3x
    -----END PGP SIGNATURE-----
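
The integrity check the report asks for, as an added example (not part of the original advisory or of the ProFTPD report): it compares any proftpd-1.3.3c tarball found in a download or mirror directory with the MD5 sums listed in the report. The function names `classify_tarball` and `scan_tree` are hypothetical, and `md5sum` from GNU coreutils is assumed.

```shell
#!/bin/sh
# Known-good MD5 sums, copied from the ProFTPD compromise report quoted above.
KNOWN_GOOD='8571bd78874b557e98480ed48e2df1d2  proftpd-1.3.3c.tar.bz2
4f2c554d6273b8145095837913ba9e5d  proftpd-1.3.3c.tar.gz'

# classify_tarball FILE [SUMS]   (hypothetical helper, not from the page)
# Prints ok | MISMATCH | unlisted | missing and returns 0 | 1 | 3 | 2.
# SUMS defaults to KNOWN_GOOD and uses the "md5  filename" layout of the report.
classify_tarball() {
    file=$1
    sums=${2:-$KNOWN_GOOD}
    [ -f "$file" ] || { echo missing; return 2; }
    name=${file##*/}
    # Look up the expected sum by file name; an empty result means not listed.
    want=$(printf '%s\n' "$sums" | awk -v n="$name" '$2 == n { print $1 }')
    [ -n "$want" ] || { echo unlisted; return 3; }
    have=$(md5sum < "$file" | awk '{ print $1 }')
    if [ "$have" = "$want" ]; then
        echo ok
        return 0
    fi
    # Same name as a release tarball but different content: treat as suspect.
    echo MISMATCH
    return 1
}

# scan_tree DIR   (hypothetical helper)
# Classifies every proftpd-1.3.3c tarball under DIR, one "status<TAB>path" per line.
scan_tree() {
    find "$1" -type f -name 'proftpd-1.3.3c.tar.*' | while IFS= read -r f; do
        printf '%s\t%s\n' "$(classify_tarball "$f")" "$f"
    done
}

# Stand-alone use: sh thisfile.sh /path/to/downloads
if [ $# -gt 0 ]; then
    scan_tree "$1"
fi
```

A MISMATCH on a file fetched in the window the report names means the host that built or ran it needs the compromise check the report advises. MD5 is collision-weak, so the GPG signatures in the report, checked with `gpg --verify` against the signing key it names, are the stronger test.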


Autoupdates support : supported
  pkgsysupdate
  pkgadd -F proftpd-devel


Update packages

  RPMS :

    . proftpd-1.3.3c-2.i686.rpm
    . proftpd-devel-1.3.3c-2.i686.rpm

  SRPMS :

    . proftpd-1.3.3c-2.src.rpm


References :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3867
http://proftpd.org/docs/RELEASE_NOTES-1.3.3c
http://proftpd.org



    




Copyright 2024 OOPS Development Organization 
LAST MODIFIED: 2018/04/10