FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- Cross-site request forgery in ftpd(8)

Affected systems
6.3 < FreeBSD < 6.3_7
6.4 < FreeBSD < 6.4_1
7.0 < FreeBSD < 7.0_7

Details

VuXML ID e9ecaceb-db0d-11dd-aa56-000bcdf0a03b
Discovery 2008-12-23
Entry 2009-01-05

Problem Description:

The ftpd(8) server splits long commands into several requests. This may result in the server executing a command which is hidden inside another very long command.

Impact:

This could, with a specifically crafted command, be used in a cross-site request forgery attack.

FreeBSD systems running ftpd(8) server could act as a point of privilege escalation in an attack against users using web browser to access trusted FTP sites.

Workaround:

No workaround is available, but systems not running FTP servers are not vulnerable. Systems not running the FreeBSD ftp(8) server are not affected, but users of other ftp daemons are advised to take care since several other ftp daemons are known to have related bugs.

References

CVE Name CVE-2008-4247
FreeBSD Advisory SA-08:12.ftpd