Test Kennung:	1.3.6.1.4.1.25623.1.0.54569
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200405-09 (proftpd)
Zusammenfassung:	The remote host is missing updates announced in;advisory GLSA 200405-09.
Beschreibung:	Summary: The remote host is missing updates announced in advisory GLSA 200405-09. Vulnerability Insight: Version 1.2.9 of ProFTPD introduced a vulnerability that causes CIDR-based Access Control Lists (ACLs) to be treated as ' AllowAll ', thereby allowing remote users full access to files available to the FTP daemon. Solution: ProFTPD users are encouraged to upgrade to the latest version of the package: # emerge sync # emerge -pv '>=net-ftp/proftpd-1.2.9-r2' # emerge '>=net-ftp/proftpd-1.2.9-r2' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0432 BugTraq ID: 10252 http://www.securityfocus.com/bid/10252 Bugtraq: 20040430 [OpenPKG-SA-2004.018] OpenPKG Security Advisory (proftpd) (Google Search) http://marc.info/?l=bugtraq&m=108335051011341&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2004:041 http://secunia.com/advisories/11527 http://marc.info/?l=bugtraq&m=108335030208523&w=2 XForce ISS Database: proftpd-cidr-acl-bypass(16038) https://exchange.xforce.ibmcloud.com/vulnerabilities/16038
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.