1565 matches found
proftpd -- remote code execution vulnerability
Tippingpoint reports: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ProFTPD. Authentication is not required to exploit this vulnerability. The flaw exists within the proftpd server component which listens by default on TCP port 21. When readin...
[slackware-security] openssl
New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2010-0433 https://vulners.com/cve/CVE-2010-0740 A...
Debian DSA-1925-1 : proftpd-dfsg - insufficient input validation
It has been discovered that proftpd-dfsg, a virtual-hosting FTP daemon, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, when the dNSNameRequired TLS option is enabled. %NASLMINLEVEL 70300 C Tenable Network Security,...
[Backports-security-announce] Security Update for proftpd-dfsg
Francesco P. Lovergine uploaded new packages for proftpd-dfsg which fixed the following security problem: CVE-2009-3639 The modtls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a \0 character in a domain name i...
[Backports-security-announce] Security Update for proftpd-dfsg
Francesco P. Lovergine uploaded new packages for proftpd-dfsg which fixed the following security problem: CVE-2009-3639 The modtls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a \0 character in a domain name i...
[Backports-security-announce] Security Update for proftpd-dfsg
Francesco P. Lovergine uploaded new packages for proftpd-dfsg which fixed the following security problem: CVE-2009-3639 The modtls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a \0 character in a domain name i...
Fedora Core 11 FEDORA-2009-13236 (proftpd)
The remote host is missing an update to proftpd announced via advisory FEDORA-2009-13236. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...
Fedora Core 12 FEDORA-2009-13250 (proftpd)
The remote host is missing an update to proftpd announced via advisory FEDORA-2009-13250. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...
Fedora Core 11 FEDORA-2009-13236 (proftpd)
The remote host is missing an update to proftpd announced via advisory FEDORA-2009-13236. OpenVAS Vulnerability Test $Id: fcore200913236.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-13236 proftpd Authors: Thomas Reinke Copyright: Copyright c 2009...
Fedora Core 12 FEDORA-2009-13250 (proftpd)
The remote host is missing an update to proftpd announced via advisory FEDORA-2009-13250. OpenVAS Vulnerability Test $Id: fcore200913250.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-13250 proftpd Authors: Thomas Reinke Copyright: Copyright c 2009...
Fedora 11 : proftpd-1.3.2c-1.fc11 (2009-13236)
This update addresses CVE-2009-3555 SSL/TLS renegotiation vulnerability, mitigating the problem by refusing all client-initiated SSL/TLS session renegotiations. This update to the latest maintenance release also fixes a number of bugs recorded in the proftpd bug tracker: - SSL/TLS renegotiation...
Fedora 12 : proftpd-1.3.2c-1.fc12 (2009-13250)
This update addresses CVE-2009-3555 SSL/TLS renegotiation vulnerability, mitigating the problem by refusing all client-initiated SSL/TLS session renegotiations. This update to the latest maintenance release also fixes a number of bugs recorded in the proftpd bug tracker: - SSL/TLS renegotiation...
[SECURITY] Fedora 11 Update: proftpd-1.3.2c-1.fc11
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
[SECURITY] Fedora 12 Update: proftpd-1.3.2c-1.fc12
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
Mandriva Linux Security Advisory : proftpd (MDVSA-2009:337)
A vulnerability has been identified and corrected in proftpd : The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla...
[ MDVSA-2009:337 ] proftpd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:337 http://www.mandriva.com/security/ Package : proftpd Date : December 22, 2009 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0 Problem Description: A vulnerability has been...
ProFTPD TLS会话重协商明文数据注入漏洞
CVE ID: CVE-2009-3555 ProFTPD是一款开放源代码FTP服务程序。 ProFTPD的模块modtls存在OpenSSL的会话可重新协商选项的漏洞,导致攻击者可以在会话数据流中插入明文数据,操纵数据交互。 ProFTPD Project ProFTPD 1.3.x 厂商补丁: ProFTPD Project --------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.proftpd.org/docs/RELEASENOTES-1.3.2c...
Fedora Core 11 FEDORA-2009-11649 (proftpd)
The remote host is missing an update to proftpd announced via advisory FEDORA-2009-11649. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...
Fedora Core 10 FEDORA-2009-11666 (proftpd)
The remote host is missing an update to proftpd announced via advisory FEDORA-2009-11666. OpenVAS Vulnerability Test $Id: fcore200911666.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-11666 proftpd Authors: Thomas Reinke Copyright: Copyright c 2009...
Fedora Core 10 FEDORA-2009-11666 (proftpd)
The remote host is missing an update to proftpd announced via advisory FEDORA-2009-11666. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...