subject:"Bug#609703\: proftpd\-basic\: sql_prepare_where\(\) buffer overflow \(Bug#3536\)"

Bug#609703: proftpd-basic: sql_prepare_where() buffer overflow (Bug#3536)

2011-01-12 Thread Francesco P. Lovergine

severity 609703 normal thanks On Tue, Jan 11, 2011 at 07:18:23PM +0100, Sebastian Scheible wrote: > Package: proftpd-basic > Version: 1.3.1-17lenny4 > Severity: critical > Tags: security > Justification: root security hole > > As described in > http://www.h-online.com/open/news/item/Phrack-hole-c

Bug#609703: proftpd-basic: sql_prepare_where() buffer overflow (Bug#3536)

2011-01-11 Thread Sebastian Scheible

Package: proftpd-basic Version: 1.3.1-17lenny4 Severity: critical Tags: security Justification: root security hole As described in http://www.h-online.com/open/news/item/Phrack-hole-closed-in-ProFTPD-1156782.html upstream version 1.3.3d fixes a remote root exploit in previous versions (proftpd