exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 4635-1

Debian Security Advisory 4635-1
Posted Feb 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4635-1 - Antonio Morales discovered an user-after-free flaw in the memory pool allocator in ProFTPD, a powerful modular FTP/SFTP/FTPS server. Interrupting current data transfers can corrupt the ProFTPD memory pool, leading to denial of service, or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2020-9273
SHA-256 | bc5aa8ca4bb689d45b2d9ca0ff9b6ade1a97168e14a988f3692f4ce913bfc8ae

Debian Security Advisory 4635-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4635-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 26, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : proftpd-dfsg
CVE ID : CVE-2020-9273
Debian Bug : 951800

Antonio Morales discovered an user-after-free flaw in the memory pool
allocator in ProFTPD, a powerful modular FTP/SFTP/FTPS server.
Interrupting current data transfers can corrupt the ProFTPD memory pool,
leading to denial of service, or potentially the execution of arbitrary
code.

For the oldstable distribution (stretch), this problem has been fixed
in version 1.3.5b-4+deb9u4.

For the stable distribution (buster), this problem has been fixed in
version 1.3.6-4+deb10u4.

We recommend that you upgrade your proftpd-dfsg packages.

For the detailed security status of proftpd-dfsg please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/proftpd-dfsg

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl5W9SVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0QtFhAAmyPdXWZvQztGTqvZrGRIUgQ9pklUva9IFsuBt5pLwHdWPRn1VvUGgKX4
aIQHZvvg/5hmsZv4C5nh8FMdU6MDa87rMO86oJYjQSimAmi16L3ydWgoa8OfQ3kj
5Z+4+yU1Mum00Su5Gw0qXozkHbTcRvMvr4fNcMcjXku9nUxTrz9bwb+bYSqRRq7K
7IEqTTLyrq/a8pHBvBz86+Zn0nvOqQTnGW0O3vQORO4+dMUBoL5DRCC9B3eK3NfB
hNcSUuC1aChqiLTlik0hmuwK5UxyPdSDn56jAFA3aBS0ArNp5lUCim/WbuAFDGy+
jy2kwYj2dlcvV/h7larptqbMTw3mkymv4sgWVjE9FcuwuqYDtcFZo8oTd2/pqyZC
zVUgcihwPTGdtPd2yYGzyPcyi2OrlVYCcWxpDf1ePRV5bRVTF4PA5uHvBjtFb6vr
YLcZkkcLSCpVMB3rP8eWlUp5tSbqCAt7l2wr6Zy9Ul4PNXTtGS9IX1y456mZlZLP
p3Oip8KHbmcH85WjJBw2HN6ECb8CJYKleCTbP9CoZBGBaBc48Qg/mAhi98cvX58b
Z9BAM1duW3JDAbx7yV1CXpaDaXLfkv71aPv/CqZC4TIi0htMHWjysLMtt/9b8hR4
oiz7HILVWGjvaIzGScEqOK3XumvHz5XDG2LmwcPVJ0oWCGQVfRI=
=pzZt
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close