FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

proftpd -- Compromised source packages backdoor

Affected packages
proftpd = 1.3.3c_2

Details

VuXML ID ed7fa1b4-ff59-11df-9759-080027284eaa
Discovery 2010-11-28
Entry 2010-12-04

The ProFTPD Project team reports:

The security issue is caused due to the distribution of compromised ProFTPD 1.3.3c source code packages via the project's main FTP server and all of the mirror servers, which contain a backdoor allowing remote root access.

References

URL http://secunia.com/advisories/42449
URL http://sourceforge.net/mailarchive/message.php?msg_name=alpine.DEB.2.00.1012011542220.12930%40familiar.castaglia.org