proftpd -- programming error

2007-01-07T00:00:00
ID DSA-1245
Type debian
Reporter Debian
Modified 2007-01-07T00:00:00

Description

Martin Loewer discovered that the proftpd FTP daemon is vulnerable to denial of service if the addon module for Radius authentication is enabled.

For the stable distribution (sarge) this problem has been fixed in version 1.2.10-15sarge4.

For the upcoming stable distribution (etch) this problem has been fixed in version 1.2.10+1.3.0rc5-1.

For the unstable distribution (sid) this problem has been fixed in version 1.2.10+1.3.0rc5-1.

We recommend that you upgrade your proftpd package.