55 matches found
EUVD-2009-3614
Malware in sbrugna...
EUVD-2016-4177
Malware in sbrugna...
SUSE CVE-2016-3125
The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...
Mageia: Security Advisory (MGASA-2016-0128)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 33 : prosody (2020-9f354ec1ad)
Prosody 0.11.7 ============== This is a security release for the 0.11.x stable branch. It is strongly recommended that all users upgrade to this release, especially those whose deployments have enabled modwebsocket. As well as upgrading, we recommend all public deployments to review and configure...
Debian DLA-2018-1 : proftpd-dfsg security update
In modtls a crash with empty CRL was fixed. For Debian 8 'Jessie', this problem has been fixed in version 1.3.5e+r1.3.5-2+deb8u5. We recommend that you upgrade your proftpd-dfsg packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security...
Debian: Security Advisory (DLA-2018-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2018-1] proftpd-dfsg security update
Package : proftpd-dfsg Version : 1.3.5e+r1.3.5-2+deb8u5 CVE ID : CVE-2019-19269 In modtls a crash with empty CRL was fixed. For Debian 8 "Jessie", this problem has been fixed in version 1.3.5e+r1.3.5-2+deb8u5. We recommend that you upgrade your proftpd-dfsg packages. Further information about...
ProFTPD < 1.3.6 Multiple Vulnerabilities
ProFTPD is prone to multiple vulnerabilities in the handling of CRLs in modtls. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
ProFTPD < 1.3.5b / 1.3.6x < 1.3.6rc2 weak Diffie-Hellman key
The remote host is using ProFTPD, a free FTP server for Unix and Linux. According to its banner, the version of ProFTPD installed on the remote host is prior to 1.3.5b or 1.3.6x prior to 1.3.6rc2 and is affected by an issue in the modtls module, which might cause a weaker than intended...
Unspecified vulnerability in ProFTPD mod_tls module
ProFTPD is an FTP server program for Unix or Unix-like platforms such as Linux, FreeBSD, etc.. The modtls module in ProFTPD versions prior to 1.3.5b and 1.3.6rc2 prior to 1.3.6 fails to properly handle the TLSDHParamFile directive, which could be exploited by an attacker to cause unspecified impa...
DEBIAN-CVE-2016-3125
The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...
CVE-2016-3125
The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...
CVE-2016-3125
The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...
Design/Logic Flaw
The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...
CVE-2016-3125
ProFTPD mod_tls TLSDHParamFile handling flaw (CVE-2016-3125) may cause a weaker DH key to be used. Affected: ProFTPD before 1.3.5b and before 1.3.6rc2. Remediation: upgrade to 1.3.5b+ or 1.3.6rc2+ (or newer) where patched. Notes from openSUSE/SUSE advisories confirm the fix in later releases.
CVE-2016-3125
The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...
CVE-2016-3125
The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...
MGASA-2016-0128 Updated proftpd packages fix security vulnerability
A bug with security implications was found in the modtls module in ProFTPD before 1.3.5b. This module has a configuration option TLSDHParamFile to specify user-defined Diffie Hellman parameters. The software would ignore the user-defined parameters and use Diffie Hellman key exchanges with 1024...
Updated proftpd packages fix security vulnerability
A bug with security implications was found in the modtls module in ProFTPD before 1.3.5b. This module has a configuration option TLSDHParamFile to specify user-defined Diffie Hellman parameters. The software would ignore the user-defined parameters and use Diffie Hellman key exchanges with 1024...