Test ID:	1.3.6.1.4.1.25623.1.0.877445
Category:	Fedora Local Security Checks
Title:	Fedora: Security Advisory for pure-ftpd (FEDORA-2020-85fa9f07f4)
Summary:	The remote host is missing an update for the 'pure-ftpd'; package(s) announced via the FEDORA-2020-85fa9f07f4 advisory.
Description:	Summary: The remote host is missing an update for the 'pure-ftpd' package(s) announced via the FEDORA-2020-85fa9f07f4 advisory. Vulnerability Insight: Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels (setfsuid, sendfile, capabilities). Features include PAM support, IPv6, chroot()ed home directories, virtual domains, built-in LS, anti-warez system, bandwidth throttling, FXP, bounded ports for passive downloads, UL/DL ratios, native LDAP and SQL support, Apache log files and more. Rebuild switches: - -without ldap disable ldap support - -without mysql disable mysql support - -without pgsql disable postgresql support - -without extauth disable external authentication - -without tls disable SSL/TLS Affected Software/OS: 'pure-ftpd' package(s) on Fedora 30. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-20176 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PICL3U2J4EPGBLOE555Y5RAZTQL3WBBV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AHZG5FPCRMCB6Z3L7FPICC6BZ5ZATFTO/ https://github.com/jedisct1/pure-ftpd/commit/aea56f4bcb9948d456f3fae4d044fd3fa2e19706
Copyright	Copyright (C) 2020 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.