edit-icon download-icon

[Vulnerability notice] Unauthorized file replication vulnerability in ProFTPD

Last Updated: May 07, 2018

Description

ProFTPD is an FTP server and open-source software, compatible with Unix-like systems and Microsoft Windows.

ProFTPD has an unauthorized file replication vulnerability that allows a user logged on to the FTP service to copy files under other directories beyond the user’s permissions.

Affected versions

ProFTPD <= 1.3.5

Fix

  • Upgrade ProFTPD to the latest version.
  • Set up a complex FTP logon password to avoid hacking.
  • Disable anonymous logon.
Thank you! We've received your feedback.