Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:232: proftpd Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the proftpd package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:232 (proftpd).
Stack-based buffer overflow in the pr_ctrls_recv_request function in
ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local
users to execute arbitrary code via a large reqarglen length value.
Packages have been patched to correct these issues.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:232
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.