Oracle Solaris Third-Party Patch Update : proftpd (cve_2011_4130_use_after)

The remote Solaris system is missing necessary patches to address security updates : - Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

openSUSE Security Update : proftpd (openSUSE-2011-19)

Vulnerabilities were discovered for the proftpd packages in openSUSE version 12.1. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2011-19. The text description of this plugin is C SU...

Fedora Update for proftpd FEDORA-2013-0468

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Slackware Advisory SSA:2012-041-04 proftpd

The remote host is missing an update as announced via advisory SSA:2012-041-04. OpenVAS Vulnerability Test $Id: esoftslkssa201204104.nasl 6581 2017-07-06 13:58:51Z cfischer $ Description: Auto-generated from advisory SSA:2012-041-04 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / current : proftpd (SSA:2012-041-04)

New proftpd packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2012-041-04...

Debian Security Advisory DSA 2346-1 (proftpd-dfsg)

The remote host is missing an update to proftpd-dfsg announced via advisory DSA 2346-1. OpenVAS Vulnerability Test $Id: deb23461.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2346-1 proftpd-dfsg Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft In...

Debian Security Advisory DSA 2346-1 (proftpd-dfsg)

The remote host is missing an update to proftpd-dfsg announced via advisory DSA 2346-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

[slackware-security] proftpd

New proftpd packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/proftpd-1.3.4a-i486-1slack13.37.txz: Upgraded. This update fixes a use-after-free memory...

Mandriva Update for proftpd MDVSA-2011:181 (proftpd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for proftpd MDVSA-2011:181 (proftpd)

Check for the Version of proftpd OpenVAS Vulnerability Test Mandriva Update for proftpd MDVSA-2011:181 proftpd Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

ProFTPD响应池释放后重用代码执行漏洞

CVE ID: CVE-2011-4130 ProFTPD是免费的Unix和Linux FTP服务器。 ProFTPD在管理响应池的方式上存在代码执行漏洞，远程已验证攻击者可利用此漏洞在远程主机上执行任意代码。 ProFTPD 1.3.3g / 1.3.4 厂商补丁： ProFTPD Project --------------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.proftpd.org/...

CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

CVE-2011-4130

CVE-2011-4130 is a use-after-free in ProFTPD’s Response API prior to 1.3.3g that allows remote authenticated users to execute arbitrary code after an FTP data transfer. Connected sources confirm affected ProFTPD versions and reference patches/updates; Gentoo GLSA 201309-15 recommends upgrading to...

ProFTPD Prior To 1.3.3g Use-After-Free 远程代码执行漏洞

CVE-2011-4130 ProFTPD的是一个远程代码执行漏洞， 允许攻击者执行任意代码。失败的攻击尝试将导致拒绝服务， 1.3.3g前的ProFTPD存在此漏洞 Red Hat Fedora 16 Red Hat Fedora 15 Red Hat Fedora 14 ProFTPD Project ProFTPD 1.3.3 rc2 ProFTPD Project ProFTPD 1.3.3 ProFTPD Project ProFTPD 1.3.2 rc3 ProFTPD Project ProFTPD 1.3.2 rc2 ProFTPD Project ProFTPD 1.3...

Fedora 16 : proftpd-1.3.4-1.fc16 (2011-15765)

"This update, to the current upstream stable release, includes a pair of security fixes : - Enable OpenSSL countermeasure against SSLv3/TLSv1 BEAST attacks upstream bug 3704 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

[SECURITY] [DSA 2346-1] proftpd-dfsg security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2346-1 [email protected] http://www.debian.org/security/ Florian Weimer November 15, 2011 http://www.debian.org/security/faq -...

Debian DSA-2346-2 : proftpd-dfsg - several vulnerabilities

Several vulnerabilities were discovered in ProFTPD, an FTP server : - No CVE id ProFTPD incorrectly uses data from an unencrypted input buffer after encryption has been enabled with STARTTLS, an issue similar to CVE-2011-0411. - CVE-2011-4130 ProFTPD uses a response pool after freeing it under...

[SECURITY] [DSA 2346-1] proftpd-dfsg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2346-1 [email protected] http://www.debian.org/security/ Florian Weimer November 15, 2011 http://www.debian.org/security/faq -...