CVE-2011-1575
Published May 23, 2011
Last updated 11 years ago
Overview
- Description
- The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 4.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3D14516-085B-45FB-A7F5-C695F72586FA",
"versionEndIncluding": "1.0.29"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.90:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1BAA8918-A2CB-47A3-BEA5-012202416E2D"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.91:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7AC08B4-58AC-415A-9B66-40A1E3CCD0F8"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.92:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "109D76F0-FB16-4DB5-8CD9-5FC4B7A888F8"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.93:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D21A2797-A1E1-41D1-A4F9-88A6BDB39386"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.94:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A6F60D6F-5EED-4F98-B837-8DA704AE655E"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6FB0AE1-D1C1-49BA-92EB-22610F805C24"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95-pre1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEF345E7-32E3-4AC2-AF59-2909BCD0F0E4"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95-pre2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB8E9891-37F0-4A89-8313-3DF7B30D20C2"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95-pre3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3503BC8E-04EB-4B8B-BCC5-257FBE275435"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95-pre4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64733EB4-34AE-4BF6-BC42-5BEB171D02F3"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75803E7D-E4C4-429A-831D-E9BD35D3822F"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.95.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0AF6AB58-64E1-4B6E-BE3A-F1EF3A4D6D25"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.96:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEE4E7D4-64C3-401D-88BD-25480BB0353E"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.96.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DE75C61-AEB4-49FF-92F0-59BE2DC235A3"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.96pre1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6341410D-6327-40CB-8E77-03715170957A"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97-final:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1664490B-CA34-44A3-8EEC-71A07799E870"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C151E6E5-AC14-4C12-B1E4-4FDED6F5CF33"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC7E10AE-9B98-4801-91CD-F6EEC75B9C0D"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFF21C85-76FC-463C-8661-60BE2D3CAC10"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21110017-470F-4C38-B09F-8DF94E48EFE3"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2BA24CD0-22DA-4689-981D-88FAA7FCC1C8"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1931478E-A672-4CF6-9BDC-B3C73B7DA5A4"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71C4863E-76DA-4E38-B2C7-B30037633030"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.7pre1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82F13F0C-B2B7-4DBA-BEB0-4599CE2EE422"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.7pre2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11938621-40EA-4B68-B802-B793F3AAD990"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97.7pre3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3DAAE0EB-626A-42BD-A522-CAA026AF5BD3"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97pre1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2139A56-05FC-468A-8BA4-D319FD878976"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97pre2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DCE9F15-F266-4194-A328-BE7EB2D4CA6D"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97pre3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF3055A8-D3BB-4A42-8A5A-848502C08CA3"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97pre4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "535B52FC-4573-42C7-A0F4-29B8B7BEFD65"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.97pre5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0772C8AB-3290-4A18-8417-4EB248398478"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98-final:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC466025-06CF-48F9-B57A-02FD4D62B472"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57A8D91C-EEEB-4F76-8010-2CB174A9B091"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1831F7D-7366-4775-9B70-832F3BAB23E1"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.2a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4ADCEF99-E5A8-4890-B75D-5055F09EDA23"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "962C592B-1B02-49EE-9C82-2EA1B0F0F4DB"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DA327868-1A00-4BFE-AB29-3DBE57545EBA"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09575AA6-7F8C-4A9C-B781-C892B00C3035"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3810E39-63C2-486A-9FFC-C7BBC6DCD455"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07E6BD24-3843-479E-9DD0-56C69F8A0B71"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98pre1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AAF09FF7-82C8-4C1F-A9CB-245A7D11D2D8"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.98pre2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0B687A9-8B0B-4059-B6F6-29D76440F054"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41E823CA-D59A-404F-A064-25F557BEBD5A"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD057E44-D7B8-414C-A21D-DEC8753F0C50"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.1a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ED1A7388-0878-492C-B89A-C732CCE3E6EF"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.1b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF1025C8-B056-4AA7-9976-5FD6AC51A012"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D968FE34-54C4-4C06-8EB7-0537EDAAD6FC"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.2a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70D16075-5855-4448-B79D-8B7385EE0E16"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CAD1DE8-7D55-4C0B-B691-E8D8AA6E2689"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70576B73-12AF-463B-96AB-18725ACDECFE"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39F6EBD8-4BFD-49FC-A087-8698DB462880"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7ED3D13F-D769-4668-AD31-9E9C6B4F1738"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B02414C-C7CF-4719-ABCC-FB019C205163"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99pre1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B0518387-8900-43BF-B592-EB9F725E9FBA"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:0.99pre2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2044321-568E-4381-83EC-EBF9F0D46CA7"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3737B53D-E0BC-430F-9B00-5F13C15E3EF5"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF48827A-8F95-4D07-BB35-AD43A048072B"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10DB2640-6C1B-4B95-998C-3737809C9E40"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A4B5B69-85CF-40C8-BC79-C340A6445F8C"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8992045B-1EC7-4254-966E-AECDAEFD950E"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14C4E0E1-FC73-4641-A7AC-47E25EAE251B"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF00DCF7-A5B8-4B62-9F4F-EB2273589215"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "947E46FD-1B9D-4F64-8C10-FF332796CFE5"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B72E9F25-975E-4609-A741-F472CEB53265"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D76E5AE-B1D2-4362-915A-A6C15225F772"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD6BC5DF-3A1E-4B1F-87E9-857AE413841C"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3928B3DD-CA7E-4204-A49A-7B6E1F973B47"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "091BB6EB-7263-4DD2-8B57-B1FF73D61B7A"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.13a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8622805C-1E49-45F5-8CB0-2C0ECD9E5F0F"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C705AE7A-8F8B-49C1-BEA4-B1486AAE9E2C"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0AB8F16-5A30-4D85-A3E0-E8EECD5EEA69"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.16a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DEB3C26B-945B-4C81-BF15-4E767B544A68"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.16b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3AD4259-CA7D-45D1-8459-F8D44165AC15"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.16c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "866DF3B5-A364-4563-A883-D052DCD86C51"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B76D15CD-FECF-435F-A7E4-54FE53638C1E"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.17a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59FBF7FD-A6C9-46F0-8C9E-CF2098DCB8CE"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8669B8EC-482D-44CD-B30E-7D83423E1BC9"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B67A0244-D65F-4CCE-A084-31AD9A3D9B8E"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFD2D751-2B85-428E-8766-36F92B338C5C"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "579ECF9F-EBED-49BC-A804-86C71554D06C"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66DC1055-CD1D-48B3-9CC4-40F42C3490A1"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F753B7E9-BC46-40AD-A6E6-638C91468756"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D2F7326-B11E-42AE-A0E4-E02CA9E0F9E2"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "307B2193-1737-4FD5-B1E9-19DCB88443B9"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.27:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42799518-1D12-4500-8E06-ED10D2239FCA"
},
{
"criteria": "cpe:2.3:a:pureftpd:pure-ftpd:1.0.28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31411BEC-1326-4CC4-84FB-6DFCB0D3AFEF"
}
],
"operator": "OR"
}
]
}
]