Test ID:	1.3.6.1.4.1.25623.1.0.52532
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: proftpd
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: proftpd CVE-2003-0831 ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0831 Bugtraq: 20030924 [slackware-security] ProFTPD Security Advisory (SSA:2003-259-02) (Google Search) http://marc.info/?l=bugtraq&m=106441655617816&w=2 Bugtraq: 20031013 Remote root exploit for proftpd \n bug (Google Search) http://marc.info/?l=bugtraq&m=106606885611269&w=2 CERT/CC vulnerability note: VU#405348 http://www.kb.cert.org/vuls/id/405348 https://www.exploit-db.com/exploits/107/ http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012072.html ISS Security Advisory: 20030923 ProFTPD ASCII File Remote Compromise Vulnerability http://xforce.iss.net/xforce/alerts/id/154 http://www.mandriva.com/security/advisories?name=MDKSA-2003:095 http://secunia.com/advisories/9829 XForce ISS Database: proftpd-ascii-xfer-newline-bo(12200) https://exchange.xforce.ibmcloud.com/vulnerabilities/12200
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.