Debian update for proftpd-dfsg
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2024-48651 |
| CWE-ID | CWE-269 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Debian Linux Operating systems & Components / Operating system proftpd-dfsg (Debian package) Operating systems & Components / Operating system package or component |
| Vendor | Debian |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Improper privilege management
EUVDB-ID: #VU101665
Risk: High
CVSSv4.0: 7.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-48651
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise the affected system.
The vulnerability exists due to improper privilege management when handling users without assigned supplementary groups. If the user has no groups assigned to their account, the server will assume the GID of 0 for this account. As a result, the user will gain access to files and directories owned by the system root user and will be able to modify them at will, leading to privilege escalation and system compromise.
Update proftpd-dfsg package to version 1.3.8+dfsg-4+deb12u4.
Vulnerable software versionsDebian Linux: All versions
proftpd-dfsg (Debian package): before 1.3.8+dfsg-4+deb12u4
CPE2.3- cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:debian:proftpd-dfsg_debian_package:*:*:*:*:*:debian_linux:*:*
https://lists.debian.org/debian-security-announce/2024/msg00243.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
