Vulnerability Details : CVE-2007-2165
The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as demonstrated by use of SQLAuthTypes Plaintext in mod_sql, with data retrieved from /etc/passwd.
Products affected by CVE-2007-2165
- cpe:2.3:a:proftpd_project:proftpd:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-2165
- EPSS score: 84.90% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~99% (the proportion of vulnerabilities scored at or below this score)
CVSS scores for CVE-2007-2165
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
5.1 | MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P | 4.9 | 6.4 | NIST | 
References for CVE-2007-2165
- http://securitytracker.com/id?1017931 (Vendor Advisory)
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=419255: #419255 - proftpd allows logins with almost no password if configured with SQLAuthTypes Plaintext - Debian Bug report logs (Vendor Advisory)
- https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00065.html: [SECURITY] Fedora 7 Update: proftpd-1.3.1-2.fc7
- http://www.securityfocus.com/bid/23546
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:130: Mandriva
- https://bugzilla.redhat.com/show_bug.cgi?id=237533: 237533 – (CVE-2007-2165) CVE-2007-2165: proftpd auth bypass vulnerability
- http://bugs.proftpd.org/show_bug.cgi?id=2922: Bug 2922 – Auth API allows one auth module to authenticate user data provided by a different auth module (Patch)
- http://www.vupen.com/english/advisories/2007/1444
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33733: ProFTPD Auth API security bypass CVE-2007-2165 Vulnerability Report