[Secure-testing-team] Bug#602288: proftpd-basic: Remote Code Execution Vulnerability in TELNET_IAC processing
Jan Niehusmann
jan at gondor.com
Wed Nov 3 11:13:51 UTC 2010
Package: proftpd-basic
Version: 1.3.3a-4
Severity: grave
Tags: security patch
Justification: security hole
According to http://bugs.proftpd.org/show_bug.cgi?id=3521 and
http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3c, there is a remote code
execution vulnerability in proftpd since version 1.3.2rc3, which was
fixed in 1.3.3c. A patch fixing only this vulnerability is
available from the mentioned bug report page.
(http://bugs.proftpd.org/attachment.cgi?id=3436)
More information about the Secure-testing-team
mailing list