Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 032-1 (proftpd)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to proftpd announced via advisory DSA 032-1.
Insight
Insight
The following problems have been reported for the version of proftpd in Debian 2.2 (potato): 1. There is a configuration error in the postinst script, when the user enters 'yes', when asked if anonymous access should be enabled. The postinst script wrongly leaves the 'run as uid/gid root' configuration option in /etc/proftpd.conf, and adds a 'run as uid/gid nobody' option that has no effect. 2. There is a bug that comes up when /var is a symlink, and proftpd is restarted. When stopping proftpd, the /var symlink is removed when it's started again a file named /var is created. The above problems have been corrected in proftpd-1.2.0pre10-2.0potato1. We recommend you upgrade your proftpd package immediately.
Solution
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20032-1