Synthesis of the vulnerability 
A backdoor was added in the source code of vsftpd 2.3.4.
Impacted systems: vsftpd.
Severity of this alert: 3/4.
Creation date: 04/07/2011.
Revision date: 05/07/2011.
References of this alert: BID-48539, CVE-2011-2523, VIGILANCE-VUL-10805.
Description of the vulnerability 
The source code of the vsftpd FTP server is hosted on the vsftpd.beasts.org site.
However, between the 30th of June 2011 and the 3rd of July 2011, a backdoor was added to the source code. This backdoor detects whether the login starts with ":)", and then opens a shell on port 6200/tcp.
A remote attacker can therefore use this backdoor to gain access to the system.
This alert affects software or systems such as vsftpd.
Our Vigilance Vulnerability Alerts team determined that the severity of this alert is important.
The trust level is "confirmed by the editor", and the attack origin is an internet client.
A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with beginner-level skills can exploit this vulnerability.
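The two indicators described above (a login starting with ":)" and a listener on 6200/tcp) can be checked on a host that ran the affected build. The following is an added example, not code from the advisory or from vsftpd: it assumes FTP command logging in the vsftpd protocol-log format (`log_ftp_protocol=YES`) and `ss -ltn` style socket output, and all sample lines are constructed.

```python
import re

# Indicators taken from the advisory text.
TRIGGER_PREFIX = ":)"
BACKDOOR_PORT = 6200

# Assumption: vsftpd protocol log lines of the form
#   ... FTP command: Client "<ip>", "USER <name>"
USER_CMD = re.compile(r'Client "(?P<ip>[^"]+)", "USER (?P<user>[^"]*)"')

def suspicious_logins(log_lines):
    """Return (client_ip, username) for USER commands whose login starts with ':)'."""
    hits = []
    for line in log_lines:
        m = USER_CMD.search(line)
        if m and m.group("user").startswith(TRIGGER_PREFIX):
            hits.append((m.group("ip"), m.group("user")))
    return hits

def backdoor_listeners(ss_output):
    """Return local address:port entries listening on 6200/tcp in `ss -ltn` output."""
    found = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[0] == "LISTEN":
            _host, _sep, port = fields[3].rpartition(":")
            if port == str(BACKDOOR_PORT):
                found.append(fields[3])
    return found

# Constructed sample data (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    'Mon Jul  4 09:58:11 2011 [pid 2101] FTP command: Client "192.0.2.10", "USER anonymous"',
    'Mon Jul  4 10:02:37 2011 [pid 2144] FTP command: Client "198.51.100.7", "USER :)probe"',
    'Mon Jul  4 10:02:38 2011 [pid 2144] FTP command: Client "198.51.100.7", "PASS <password>"',
]
SAMPLE_SS = """State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      32     0.0.0.0:21         0.0.0.0:*
LISTEN 0      1      0.0.0.0:6200       0.0.0.0:*
LISTEN 0      128    [::]:22            [::]:*
"""

if __name__ == "__main__":
    for ip, user in suspicious_logins(SAMPLE_LOG):
        print(f"login with backdoor trigger from {ip}: {user!r}")
    for addr in backdoor_listeners(SAMPLE_SS):
        print(f"unexpected listener on {addr}")
```

A hit from either function on a host that ran vsftpd 2.3.4 from the affected download window is a reason to treat the host as compromised, not only to replace the binary.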
Solutions for this threat 
vsftpd: version 2.3.4 dated after the 3rd of July 2011.
If vsftpd 2.3.4 was downloaded between the 30th of June 2011 and the 3rd of July 2011, the new version has to be downloaded:
https://security.appspot.com/downloads/vsftpd-2.3.4.tar.gz
https://security.appspot.com/downloads/vsftpd-2.3.4.tar.gz.asc