[Bug 310949] Re: ProFTPD in Hardy vulnerable to CVE-2008-4242
Patrick Burleson
pburleson at gmail.com
Wed Aug 19 02:57:01 UTC 2009
I have just confirmed this bug using the command from the Debian Bug
linked in this report.
perl -e 'print "A"x1022,"QUIT\n"' | nc localhost 21
I checked this against a fully updated Hardy Heron 8.04 LTS system
running ProFTPd 1.3.1-6ubuntu1.
If the command above prints out "Goodbye", then the version of ProFTPd
is vulnerable.
** Changed in: proftpd-dfsg (Ubuntu)
Status: Invalid => Confirmed
--
ProFTPD in Hardy vulnerable to CVE-2008-4242
https://bugs.launchpad.net/bugs/310949
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list