proftpd package

To: debian-user@lists.debian.org
Subject: proftpd package
From: Erwin Ambrosch|XHOSTPLUS <erwin.ambrosch@xhostplus.at>
Date: Thu, 16 Nov 2006 10:06:42 +0100
Message-id: <[🔎] 455C2A22.1090504@xhostplus.at>
Reply-to: erwin.ambrosch@xhostplus.at

Hi all,

I got an announcement related to a security issue in proftpd 1.3.x.

The issue is as follows:

---

Evgeny Legerov has reported a vulnerability in ProFTPD, whichpotentially can be exploited by malicious people to compromise avulnerable system.


The vulnerability is caused due to an unspecified error.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in version 1.3.0. Other versions may alsobe affected.

---

Dose one know whether the actual proftpd-pgsql 1.2.10-15sarge iseffected by this security issue. I didn't read anithing about it relatedto debian sarge.


Thanks
Erwin

Reply to:

Prev by Date: Re: [OT] M$ collaborates with Suse
Next by Date: RE: Reporting brute force ssh login attempts
Previous by thread: Acquire::Retries in apt.conf
Next by thread: too new phpmyadmin security update
Index(es):
- Date
- Thread