Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

Gentoo: 200309-16 Critical: proftpd ASCII File Remote Exploit

gentoo
Calendar Grey September 29, 2003
Dist Gentoo Esm H88
GENTOO LINUX SECURITY NOTICE 202309-21 outlines an issue in vsftpd concerning potential unauthorized access to private information.
ISS X-Force discovered a vulnerability that could be triggered when a specially crafted file is uploaded to a proftpd server.

Summary


- ------------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200309-16
- ------------------------------------------------------------------------
    FIXED VERSION : =proftpd-1.2.9_rc2
    GENTOO BUG ID : 29452
- ------------------------------------------------------------------------
SUMMARY:

ISS X-Force discovered a vulnerability that could be triggered when a specially crafted file is uploaded to a proftpd server.
Read the full advisory at: The ProFTPD Project: Home
SOLUTION:
It is recommended that all Gentoo Linux users who are running net-ftp/proftpd upgrade to proftpd-1.29_rc2 as follows
emerge sync emerge '>=net-ftp/proftpd-1.2.9_rc2' emerge clean
solar@gentoo.org aliz@gentoo.org - GnuPG key is available at


Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
critical
Lowest
Low
Medium
High
Critical

PACKAGE : net-ftp/proftpd
SUMMARY : ASCII File Remote Compromise Vulnerability
DATE : 2003-09-28 00:37 UTC
EXPLOIT : remote
VERSIONS AFFECTED : <proftpd-1.2.9_rc2
CVE : none that we are aware of at this time

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround