Debian Security Advisory DSA 1245-1 (proftpd) Network Vulnerability

Summary

The remote host is missing an update to proftpd announced via advisory DSA 1245-1. Martin Loewer discovered that the proftpd FTP daemon is vulnerable to denial of service if the addon module for Radius authentication is enabled.

Solution

For the stable distribution (sarge) this problem has been fixed in version 1.2.10-15sarge4. For the upcoming stable distribution (etch) this problem has been fixed in version 1.2.10+1.3.0rc5-1. For the unstable distribution (sid) this problem has been fixed in version 1.2.10+1.3.0rc5-1. We recommend that you upgrade your proftpd package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201245-1

Severity

Classification

CVE CVE-2005-4816

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1008-1 (kdegraphics)
Debian Security Advisory DSA 1009-1 (crossfire)
Debian Security Advisory DSA 096-1 (mutt)
Debian Security Advisory DSA 1033-1 (horde3)
Debian Security Advisory DSA 1017-1 (kernel-source-2.6.8)

Take action and discover your vulnerabilities