Gentoo Linux Security Advisory 201309-15 - Multiple vulnerabilities have been found in ProFTPD, the worst of which leading to remote execution of arbitrary code. Versions less than 1.3.4d are affected.
791bb06b4102a706095adc46d590ae0b5ea0a225e56966180f59fa840c1de6d2Slackware Security Advisory - New proftpd packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
cb63893e652e4b1ac3596a93b9ec8e823b155a7fe7c1cc34c0271f992a73ef6eMandriva Linux Security Advisory 2011-181 - Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer. The updated packages have been upgraded to the latest version 1.3.3g which is not vulnerable to this issue.
0be1d40f8f3b58111ad1f44517b3cd8c334da98ee590aaee94305394e4d7a9d6Debian Linux Security Advisory 2346-1 - Several vulnerabilities were discovered in ProFTPD, an FTP server. ProFTPD incorrectly uses data from an unencrypted input buffer after encryption has been enabled with STARTTLS, an issue similar to CVE-2011-0411. ProFTPD uses a response pool after freeing it under exceptional conditions, possibly leading to remote code execution.
4e0fcf4b058513cde8c483fad69e28ac40ae4aa41d60b8770ad1d405582c34f3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed