Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 14 Jan 2011 20:56:14 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Subject: CVE request: proftpd before 1.3.3d

See:
http://www.securityfocus.com/bid/44933
http://phrack.org/issues.html?issue=67&id=7#article
http://bugs.gentoo.org/show_bug.cgi?id=348998

Quote from securityfocus:
"ProFTPD is prone to a remote heap-based buffer-overflow vulnerability.

Attackers can exploit this vulnerability to execute arbitrary code with
SYSTEM-level privileges. Failed exploit attempts will result in a
denial-of-service condition."

Please assign CVE (a 2010 / last year one).

-- 
Hanno Böck		mail/jabber: hanno@...eck.de
GPG: BBB51E42		http://www.hboeck.de/

Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.