*attackers most likely used an unpatched security issue in the FTP daemon* If th... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		forgotAgain on Dec 2, 2010 \| parent \| context \| favorite \| on: ProFTPD.org main FTP servers compromised using a 0... attackers most likely used an unpatched security issue in the FTP daemon If they don't know exactly how the server was compromised I don't understand how they can know the vulnerability is limited to software downloaded within a certain timeframe. The added backdoor yes, but the vulnerability that allowed the attack to succeed is still unaccounted for. Or am I missing something?

moe on Dec 3, 2010 [–]

how they can know the vulnerability is limited to software downloaded within a certain timeframe.

It isn't. The bug has been in ProFTPd for years, here's the details:

http://bugs.proftpd.org/show_bug.cgi?id=3521

If anyone is running a ProFTPd version older than 1.3.3c then you should act now. Your host is open to remote code execution.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact