bugfix for proftpd

Requests for RPMS, or new coding projects related to server administration, Plesk, security, or anything else you can think of.
BruceLee
Forum Regular
Forum Regular
Posts: 879
Joined: Sat Mar 28, 2009 6:58 pm
Location: Germany

bugfix for proftpd

Unread post by BruceLee »

Hi,

since I don't know if it's needed in ART psa-proftpd package I thought I just might ask.
A bugfix is out for this vulnerability:
When ProFTPd is compiled with mod_site_misc and when a directory is
writable, an attacker can use mod_site_misc to:
- create a directory located outside the writable directory
- delete a directory located outside the writable directory
- create a symlink located outside the writable directory
- change the time of a file located outside the writable directory

SOURCE:
http://bugs.proftpd.org/show_bug.cgi?id=3519

Thanks a lot.
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: bugfix for proftpd

Unread post by scott »

Awesome, thanks for the heads up. Its very very appreciated, we try to stay on top of these things every day but sometimes we miss out in the daily flood. I'm really glad you caught this.

The update should be available in the [asl-2.0] repo shortly.
BruceLee
Forum Regular
Forum Regular
Posts: 879
Joined: Sat Mar 28, 2009 6:58 pm
Location: Germany

Re: bugfix for proftpd

Unread post by BruceLee »

Great. Thank you very much. I will pop up with that kind of stuff whenever I see it.
Post Reply