vsftpd Compromised Source Packages Backdoor Vulnerability
Last Update Date:
5 Jul 2011 10:58
Release Date:
5 Jul 2011
8754
Views
RISK: High Risk
TYPE: Servers - Internet App Servers
![TYPE: Internet App Servers](/f/bulletin_type/100014/37p37/servers-internet-app-servers.png)
A vulnerability has been identified in vsftpd, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to the distribution of backdoored vsftpd version 2.3.4 source code packages (vsftpd-2.3.4.tar.gz) via the project's main server.
Impact
- Remote Code Execution
System / Technologies affected
- vsftpd 2.3.x
Solutions
- Check and validate your copy of the source code.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with