Use-after-free vulnerability in the Response API in ProFTPD prior to 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
proftpd proftpd 1.3.3 |
||
proftpd proftpd 1.3.2 |
||
proftpd proftpd 1.3.1 |
||
proftpd proftpd 1.3.0 |
||
proftpd proftpd 1.2.10 |
||
proftpd proftpd 1.2.9 |
||
proftpd proftpd 1.2.7 |
||
proftpd proftpd 1.2.5 |
||
proftpd proftpd 1.2.3 |
||
proftpd proftpd 1.2.1 |
||
proftpd proftpd 1.2.0 |
||
proftpd proftpd 1.2.8 |
||
proftpd proftpd 1.2.2 |
||
proftpd proftpd 1.2.6 |
||
proftpd proftpd |
||
proftpd proftpd 1.2.4 |
Convenient file-store a convenient target for crook touting access
A BBC FTP server ftp.bbc.co.uk was compromised by a Russian hacker and access to it touted online, say computer security researchers. The miscreant behind the attack on the internet-facing file store tried to sell access to the infiltrated system to other crims on Christmas Day, we're told. Hold Security – which this year has helped break news of data heists at Adobe and a top-flight limo company – spotted someone trying to sell access to ftp.bbc.co.uk, according to Reuters. FTP is a 1970s v...