Package: proftpd-dfsg Version: 1.3.1-17lenny4 Severity: grave Tags: security , patch
Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for proftpd-dfsg. CVE-2010-4221[0]: | Multiple stack-based buffer overflows in the pr_netio_telnet_gets | function in netio.c in ProFTPD before 1.3.3c allow remote attackers to | execute arbitrary code via vectors involving a TELNET IAC escape | character to a (1) FTP or (2) FTPS server. Patch available: http://bugs.proftpd.org/show_bug.cgi?id=3521 If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4221 http://security-tracker.debian.org/tracker/CVE-2010-4221 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
