Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 579
Alerts This Week
Warning Icon 1 579

Debian 2.2: DSA-029-2 Critical ProFTPD DoS & Buffer Overflow Advisory

debian
Calendar Grey March 5, 2001
Debian Logo
Several proftpd flaws outlined in Debian Security Notice DSA-029-2 have been addressed through recent updates. For more details, please read on.
In Debian Security Advisory DSA 029-1 we have reported several vulnerabilities in proftpd that have been fixed

Summary

In Debian Security Advisory DSA 029-1 we have reported several
vulnerabilities in proftpd that have been fixed. For details please
read the main advisory. This upload fixes:

1. A memory leak which can result in a denial of service, as reported
by Wojciech Purczynski. The default configuration of proftpd
in Debian is not vulnerable.

2. A similar memory leak affects the USER command, also as reported
by Wojciech Purczynski.

3. Format string vulnerabilities reported by Przemyslaw Frasunek.

The most recent advisory covering proftpd missed one architecture that
was released with Debian GNU/Linux 2.2. Therefore this advisory is
only an addition to DSA 029-1 and only adds the relevant package for
the Motorola 680x0 architecture.

We recommend you upgrade your sudo packages for m68k immediately.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

You may use an automated update by adding the resources from the
footer to the proper configura...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: proftpd

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.