proftpd -- programming error

2006-11-21T00:00:00
ID DSA-1218
Type debian
Reporter Debian
Modified 2006-11-21T00:00:00

Description

It was discovered that the proftpd FTP daemon performs insufficient validation of FTP command buffer size limits, which may lead to denial of service.

For the stable distribution (sarge) this problem has been fixed in version 1.2.10-15sarge2.

For the unstable distribution (sid) this problem has been fixed in version 1.3.0-13 of the proftpd-dfsg package.

We recommend that you upgrade your proftpd package.