Critical bug in ProFTPD closed

The ProFTPD Project developers have released versions 1.3.3g and 1.3.4 of their open source FTP server. ProFTPD 1.3.4 addresses a critical use-after-free memory corruption error in the response API code.

According to Tipping Point’s Zero Day Initiative (ZDI), the vulnerability could be exploited by a remote attacker to compromise a victim’s system. For users running the 1.3.3x branch, ProFTPD 1.3.3g eliminates the security problem and also fixes several other bugs.

Read more at H-online

Comments are closed.