CVE-2020-9274
Published: 2020-02-26
CVE-2020-9274: An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the…
Priority: P3 · 54 · high · 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 5.81% (92.2th percentile)
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | pure-ftpd | < pure-ftpd 1.0.49-4 (bookworm) | pure-ftpd 1.0.49-4 (bookworm) |
| fedoraproject | extra_packages_for_enterprise_linux | — | — |
| fedoraproject | extra_packages_for_enterprise_linux | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| pureftpd | pure-ftpd | < 1.0.50 | 1.0.50 |
| pureftpd | pure-ftpd | >= 0 < 1.0.49-4 | 1.0.49-4 |
| pureftpd | pure-ftpd | >= 0 < 1.0.49-4 | 1.0.49-4 |
| pureftpd | pure-ftpd | >= 0 < 1.0.49-4 | 1.0.49-4 |
| pureftpd | pure-ftpd | >= 0 < 1.0.36-3.2+deb8u1build0.16.04.1 | 1.0.36-3.2+deb8u1build0.16.04.1 |
CVSS provenance
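| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 7.5 | HIGH | — |
| vendor_debian | — | 7.5 | HIGH | — |
| vendor_ubuntu | — | 7.5 | HIGH | — |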
Ubuntu
Pure-FTPd vulnerability
vendor_ubuntu·2020-09-17·CVSS 7.5
CVE-2020-9274 [HIGH] Pure-FTPd vulnerability
Title: Pure-FTPd vulnerability
Summary: Pure-FTPd could be made to expose sensitive information if it received
specially crafted input.
Antonio Norales discovered that Pure-FTPd incorrectly handled directory
aliases. An attacker could possibly use this issue to access sensitive
information. (CVE-2020-9274)
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2020-9274: pure-ftpd - An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerabil...
vendor_debian·2020·CVSS 7.5
CVE-2020-9274 [HIGH] CVE-2020-9274: pure-ftpd - An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerabil...
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c.
Scope: local
bookworm: resolved (fixed in 1.0.49-4)
bullseye: resolved (fixed in 1.0.49-4)
sid: resolved (fixed in 1.0.49-4)
trixie: resolved (fixed in 1.0.49-4)
GHSA
GHSA-26hm-gghq-x5rr: An issue was discovered in Pure-FTPd 1
ghsa_unreviewed·2022-05-24
CVE-2020-9274 [MEDIUM] CWE-824 GHSA-26hm-gghq-x5rr: An issue was discovered in Pure-FTPd 1
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c.
OSV
pure-ftpd vulnerability
osv·2020-09-17·CVSS 7.5
CVE-2020-9274 [HIGH] pure-ftpd vulnerability
Antonio Norales discovered that Pure-FTPd incorrectly handled directory
aliases. An attacker could possibly use this issue to access sensitive
information. (CVE-2020-9274)
OSV
CVE-2020-9274: An issue was discovered in Pure-FTPd 1
osv·2020-02-26·CVSS 7.5
CVE-2020-9274 [HIGH] CVE-2020-9274: An issue was discovered in Pure-FTPd 1
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c.
No detection rules found.
Nuclei
Pure-FTPd ≤ 1.0.49 - DoS via Uninitialized Pointer
nuclei·CVSS 7.5
CVE-2020-9274 [HIGH] Pure-FTPd ≤ 1.0.49 - DoS via Uninitialized Pointer
Pure-FTPd versions ≤ 1.0.49 (>= ~0.96) contain a vulnerability in the init_aliases() function within diraliases.c when processing aliases. This leads to access of an uninitialized pointer, which can cause a denial of service (DoS) condition.
Template:
```yaml
id: CVE-2020-9274
info:
  name: Pure-FTPd ≤ 1.0.49 - DoS via Uninitialized Pointer
  author: pussycat0x
  severity: high
  description: |
    Pure-FTPd versions ≤ 1.0.49 (>= ~0.96) contain a vulnerability in the init_aliases() function within diraliases.c when processing aliases. This leads to access of an uninitialized pointer, which can cause a denial of service (DoS) condition.
  impact: |
    Attackers can trigger denial of service by exploiting an uninitialized pointer in the init_aliases() function w
```
Bugzilla
CVE-2020-9274 pure-ftpd: uninitialized pointer in the diraliases linked list leads to denial of service or information disclosure [epel-all]
bugzilla·2020-05-04·CVSS 7.5
CVE-2020-9274 [HIGH] CVE-2020-9274 pure-ftpd: uninitialized pointer in the diraliases linked list leads to denial of service or information disclosure [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit m
Bugzilla
CVE-2020-9274 pure-ftpd: uninitialized pointer in the diraliases linked list leads to denial of service or information disclosure [fedora-all]
bugzilla·2020-05-04·CVSS 7.5
CVE-2020-9274 [HIGH] CVE-2020-9274 pure-ftpd: uninitialized pointer in the diraliases linked list leads to denial of service or information disclosure [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg comm
Bugzilla
CVE-2020-9274 pure-ftpd: uninitialized pointer in the diraliases linked list leads to denial of service or information disclosure
bugzilla·2020-05-04·CVSS 7.5
CVE-2020-9274 [HIGH] CVE-2020-9274 pure-ftpd: uninitialized pointer in the diraliases linked list leads to denial of service or information disclosure
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c.
References:
https://github.com/jedisct1/pure-ftpd/commit/8d0d42542e2cb7a56d645fbe4d0ef436e38bcefa
https://lists.debian.org/debian-lts-announce/2020/02/msg00029.html
https://security.gentoo.org/glsa/202003-54
https://www.pureftpd.org/project/pure-ftpd/news/
Discussion:
Created pure-ftpd tracking
References:
https://github.com/jedisct1/pure-ftpd/commit/8d0d42542e2cb7a56d645fbe4d0ef436e38bcefa
https://lists.debian.org/debian-lts-announce/2020/02/msg00029.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22P44PECZWNDP7CMBL7NRBMNFS73C5Z2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5NSUDWXZVWUCL6R2PTX3KBB42Z62CA5/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5DBVHJCXWRSJPNJQCJQCKZF6ZDPZCKA/
https://security.gentoo.org/glsa/202003-54
https://usn.ubuntu.com/4515-1/
https://www.pureftpd.org/project/pure-ftpd/news/
Published: 2020-02-26