Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

ProFTPD Backdoor Unauthorized Access Vulnerability

Information

Severity

Severity

Critical

Family

Family

Gain a shell remotely

CVSSv2 Base

CVSSv2 Base

10.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

12 years ago

Modified

Modified

3 years ago

Summary

ProFTPD is prone to an unauthorized-access vulnerability due to a backdoor in certain versions of the application.

Affected Software

Affected Software

The issue affects the ProFTPD 1.3.3c package downloaded between November 28 and December 2, 2010. The MD5 sums of the unaffected ProFTPD 1.3.3c source packages are as follows: 8571bd78874b557e98480ed48e2df1d2 proftpd-1.3.3c.tar.bz2 4f2c554d6273b8145095837913ba9e5d proftpd-1.3.3c.tar.gz Files with MD5 sums other than those listed above should be considered affected.

Solution

Solution

The vendor released an advisory to address the issue. Please see the references for more information.