ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote malicious users to bypass ACLs or cause an incorrect client hostname to be logged.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
proftpd project proftpd 1.2_pre10 |
||
proftpd project proftpd 1.2_pre11 |
||
proftpd project proftpd 1.2_pre8 |
||
proftpd project proftpd 1.2_pre9 |
||
proftpd project proftpd 1.2.2_rc1 |
||
proftpd project proftpd 1.2.2_rc2 |
||
proftpd project proftpd 1.2_pre1 |
||
proftpd project proftpd 1.2_pre6 |
||
proftpd project proftpd 1.2_pre7 |
||
proftpd project proftpd 1.2 |
||
proftpd project proftpd 1.2.0_rc3 |
||
proftpd project proftpd 1.2_pre2 |
||
proftpd project proftpd 1.2_pre3 |
||
proftpd project proftpd 1.2.1 |
||
proftpd project proftpd 1.2.2 |
||
proftpd project proftpd 1.2_pre4 |
||
proftpd project proftpd 1.2_pre5 |