CVE-2017-15270 - Vulnerability Details - OpenCVE

The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attackers to hide data in the Graphical User Interface (GUI) view and create arbitrary entries to a certain extent. Special characters such as '"' and ',' and '\r' are not escaped and can be used to add new entries to the log.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Psftp	Psftpd

Configuration 1 [-]

cpe:2.3:a:psftp:psftpd:10.0.4:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/144972/PSFTPd-Windows-FTP-Server-10.0.4-Build-729-Use-After-Free-Log-Injection.html
http://www.securityfocus.com/archive/1/541518/100/0/threaded
https://www.exploit-db.com/exploits/43144/
https://www.x41-dsec.de/lab/advisories/x41-2017-006-psftpd/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-11-15T16:00:00

Updated: 2024-08-05T19:50:16.490Z

Reserved: 2017-10-11T00:00:00

Link: CVE-2017-15270

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-11-15T16:29:00.340

Modified: 2024-11-21T03:14:21.193

Link: CVE-2017-15270

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-11-10T00:00:00", "descriptions": [{"lang": "en", "value": "The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attackers to hide data in the Graphical User Interface (GUI) view and create arbitrary entries to a certain extent. Special characters such as '\"' and ',' and '\\r' are not escaped and can be used to add new entries to the log."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/144972/PSFTPd-Windows-FTP-Server-10.0.4-Build-729-Use-After-Free-Log-Injection.html"}, {"name": "20171110 Advisory X41-2017-006: Multiple Vulnerabilities in PSFTPd Windows FTP Server", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/541518/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-006-psftpd/"}, {"name": "43144", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/43144/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-15270", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attackers to hide data in the Graphical User Interface (GUI) view and create arbitrary entries to a certain extent. Special characters such as '\"' and ',' and '\\r' are not escaped and can be used to add new entries to the log."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://packetstormsecurity.com/files/144972/PSFTPd-Windows-FTP-Server-10.0.4-Build-729-Use-After-Free-Log-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/144972/PSFTPd-Windows-FTP-Server-10.0.4-Build-729-Use-After-Free-Log-Injection.html"}, {"name": "20171110 Advisory X41-2017-006: Multiple Vulnerabilities in PSFTPd Windows FTP Server", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/541518/100/0/threaded"}, {"name": "https://www.x41-dsec.de/lab/advisories/x41-2017-006-psftpd/", "refsource": "MISC", "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-006-psftpd/"}, {"name": "43144", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/43144/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T19:50:16.490Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/144972/PSFTPd-Windows-FTP-Server-10.0.4-Build-729-Use-After-Free-Log-Injection.html"}, {"name": "20171110 Advisory X41-2017-006: Multiple Vulnerabilities in PSFTPd Windows FTP Server", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/541518/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-006-psftpd/"}, {"name": "43144", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/43144/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-15270", "datePublished": "2017-11-15T16:00:00", "dateReserved": "2017-10-11T00:00:00", "dateUpdated": "2024-08-05T19:50:16.490Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:psftp:psftpd:10.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "8B13806B-8D82-4705-8390-002602BDA270", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attackers to hide data in the Graphical User Interface (GUI) view and create arbitrary entries to a certain extent. Special characters such as '\"' and ',' and '\\r' are not escaped and can be used to add new entries to the log."}, {"lang": "es", "value": "El servidor PSFTPd 10.0.4 Build 729 no escapa datos correctamente antes de escribirlos en un archivo CSV (Comma Separated Values). Esto puede ser empleado por atacantes para ocultar datos en la vista de interfaz gr\u00e1fica de usuario (GUI) y crear entradas arbitrarias hasta cierto extremo. Los caracteres especiales como las comillas (\"), las comas (,) y los saltos de carro (\\r)no se escapan, por lo que pueden emplearse para a\u00f1adir nuevas entradas al registro."}], "id": "CVE-2017-15270", "lastModified": "2024-11-21T03:14:21.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-11-15T16:29:00.340", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/144972/PSFTPd-Windows-FTP-Server-10.0.4-Build-729-Use-After-Free-Log-Injection.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/541518/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/43144/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-006-psftpd/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/144972/PSFTPd-Windows-FTP-Server-10.0.4-Build-729-Use-After-Free-Log-Injection.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/541518/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/43144/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.x41-dsec.de/lab/advisories/x41-2017-006-psftpd/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}