[Kroupware] ProFTPD vulnerability
Martin Konold
martin.konold at erfrakon.de
Wed Sep 24 13:35:34 CEST 2003
Hi,
yesterday it came to our attention that ProFTPD has a remote exloitable
vulnerabilty.
According to http://xforce.iss.net/xforce/alerts/id/154 a successful exploit
needs uploading and downloading permissions on the server.
The standard Kolab setup does not allow for downloading from ProFTPD.
Erfrakon will nevertheless provide an update of the proftp source package
asap, basically because some users might use the kolab provided proftpd for
other purposes than just support for legacy Kolab client platforms (Win NT4)
Regards,
-- martin
Dipl.-Phys. Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
fon: 0711 67400963, fax: 0711 67400959
email: martin.konold at erfrakon.de
More information about the Kroupware
mailing list