What Are You Looking For?

Sign Up

- - - ---------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200306-10
- - - ---------------------------------------------------------------------

          PACKAGE : proftpd
          SUMMARY : sql injection
             DATE : 2003-06-25 21:48 UTC
          EXPLOIT : remote
VERSIONS AFFECTED : =proftpd-1.2.9_rc1
              CVE : 

- - - ---------------------------------------------------------------------

from advisory: 

"A SQL Inject exists in ProFTPD server using the mod_sql module to 
authenticate against PostgreSQL database server. This vulnerability 
may allow a remote user to login whithout user and password."

Read the full advisory at 
https://marc.theaimsgroup.com/?l=full-disclosure&m=105597431408016&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-ftp/proftpd upgrade to proftpd-1.2.9_rc1 as follows

emerge sync
emerge proftpd
emerge clean

- - - ---------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at   
- - - ---------------------------------------------------------------------

Gentoo: proftpd sql inject vulnerability

A SQL Inject exists in ProFTPD server using the mod_sql module to authenticate against PostgreSQL database server

Summary


GENTOO LINUX SECURITY ANNOUNCEMENT 200306-10


from advisory: 

"A SQL Inject exists in ProFTPD server using the mod_sql module to 
authenticate against PostgreSQL database server. This vulnerability 
may allow a remote user to login whithout user and password."

Read the full advisory at 
https://marc.theaimsgroup.com/?l=full-disclosure&m=105597431408016&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-ftp/proftpd upgrade to proftpd-1.2.9_rc1 as follows

emerge sync
emerge proftpd
emerge clean

aliz@gentoo.org - GnuPG key is available at

Resolution

References

Availability

Concerns

Severity
PACKAGE : proftpd
SUMMARY : sql injection
DATE : 2003-06-25 21:48 UTC
EXPLOIT : remote
VERSIONS AFFECTED : =proftpd-1.2.9_rc1
CVE :

Synopsis

Background

Affected Packages

Impact

Workaround

Related News

Ubuntu Server Security Best Practices

Oct 15, 2023

New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs

Nov 15, 2023

Widespread Xorg DoS, Privilege Escalation Vulns Fixed

Nov 13, 2023

eBPF Offers a New Way to Secure Cloud Native Systems

Oct 25, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo