FreeBSD Ports: proftpd, proftpd-mysql

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / current : proftpd (SSA:2012-041-04)

New proftpd packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2012-041-04...

Debian Security Advisory DSA 2346-1 (proftpd-dfsg)

The remote host is missing an update to proftpd-dfsg announced via advisory DSA 2346-1. OpenVAS Vulnerability Test $Id: deb23461.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2346-1 proftpd-dfsg Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft In...

Debian Security Advisory DSA 2346-2 (proftpd-dfsg)

The remote host is missing an update to proftpd-dfsg announced via advisory DSA 2346-2. OpenVAS Vulnerability Test $Id: deb23462.nasl 8972 2018-02-28 07:02:10Z cfischer $ Description: Auto-generated from advisory DSA 2346-2 proftpd-dfsg Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft In...

Debian Security Advisory DSA 2346-1 (proftpd-dfsg)

The remote host is missing an update to proftpd-dfsg announced via advisory DSA 2346-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

Debian: Security Advisory (DSA-2346-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] proftpd

New proftpd packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/proftpd-1.3.4a-i486-1slack13.37.txz: Upgraded. This update fixes a use-after-free memory...

FreeBSD : proftpd -- arbitrary code execution vulnerability with chroot (022a4c77-2da4-11e1-b356-00215c6a37bb)

The FreeBSD security advisory FreeBSD-SA-11:07.chroot reports : If ftpd is configured to place a user in a chroot environment, then an attacker who can log in as that user may be able to run arbitrary code.... Proftpd shares the same problem of a similar nature. %NASLMINLEVEL 70300 C Tenable...

Mandriva Update for proftpd MDVSA-2011:181 (proftpd)

Check for the Version of proftpd OpenVAS Vulnerability Test Mandriva Update for proftpd MDVSA-2011:181 proftpd Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Mandriva Update for proftpd MDVSA-2011:181 (proftpd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Linux Security Advisory : proftpd (MDVSA-2011:181)

A vulnerability was discovered and fixed in proftpd : Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer CVE-2011-4130. The updated packages hav...

ProFTPD响应池释放后重用代码执行漏洞

CVE ID: CVE-2011-4130 ProFTPD是免费的Unix和Linux FTP服务器。 ProFTPD在管理响应池的方式上存在代码执行漏洞，远程已验证攻击者可利用此漏洞在远程主机上执行任意代码。 ProFTPD 1.3.3g / 1.3.4 厂商补丁： ProFTPD Project --------------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.proftpd.org/...

CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

DEBIAN-CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

Design/Logic Flaw

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

CVE-2011-4130

CVE-2011-4130 is a use-after-free in ProFTPD’s Response API prior to 1.3.3g that allows remote authenticated users to execute arbitrary code after an FTP data transfer. Connected sources confirm affected ProFTPD versions and reference patches/updates; Gentoo GLSA 201309-15 recommends upgrading to...

CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...