ProFTPD Developers Patch Serious Security Flaw
The developers of ProFTPD, an extremely well-known and widely used open source FTP server, have released an updated version 1.3.3d that fixes a critical vulnerability in its SQL module affecting all earlier versions, h-online.com reported on December 20, 2010.
According to the report, at the end of November 2010 the ProFTPD developers warned that they had unknowingly been distributing a booby-trapped copy of their FTP server's source code. Anyone who downloaded and ran ProFTPD, even from an official distribution server, between November 28, 2010 and December 1, 2010 risked installing a malicious backdoor Trojan on their systems.
The backdoor let remote attackers connected to a server running the tampered version obtain a root shell simply by issuing the command "HELP ACIDBITCHEZ".
Some days after the security breach came to light, ProFTPD maintainer T J Saunders stated that the attackers had possibly exploited an unpatched flaw to break into ftp.proftpd.org, Softpedia.com reported on December 21, 2010.
The vulnerability was apparently a heap overflow condition in the sql_prepare_where() function, which had been publicly disclosed in the November issue of the security magazine Phrack.
Somehow, however, the ProFTPD developers remained unaware of the flaw for ten days after its public disclosure, and during that time attackers took advantage of the situation and hijacked the legitimate distribution server.
Besides the heap overflow in sql_prepare_where(), which has been repaired with improved bounds checking, the new 1.3.3d release addresses 11 further security problems.
The release also contains patches for other, less severe flaws, security adjustments and other improvements. In addition, the ProFTPD developers have made a "nearly ready" follow-up release, 1.3.4rc1, available.
Security researchers therefore advise users to move to the new ProFTPD 1.3.3c release without the slightest delay. More importantly, they should use the MD5 checksums and PGP signatures provided by the ProFTPD team to confirm that they have an authentic, unmodified copy of the source code.
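The check the researchers recommend, comparing a downloaded source tarball against a published MD5 listing and a detached PGP signature, as an added example that is not code from the article or from the ProFTPD project. The file name, the listing format (the `md5sum` style "digest  filename") and the sample bytes are constructed; the gpg command line is the standard one, and the signing key is assumed to already be in the local keyring.

```python
import hashlib
import hmac
import os
import shutil
import subprocess
import tempfile

# Checksum listings are "<hexdigest>  <filename>" lines, as md5sum/sha256sum write them.
def parse_checksum_line(line):
    digest, _, name = line.strip().partition("  ")
    return digest.lower(), name.strip().lstrip("*")

def file_digest(path, algo):
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()

def verify_checksum(path, checksum_line, algo="md5"):
    """True only if the file's digest matches the published line for its own name."""
    expected, name = parse_checksum_line(checksum_line)
    if name != os.path.basename(path):
        return False
    return hmac.compare_digest(file_digest(path, algo), expected)

def verify_signature(sig_path, path):
    """Detached PGP signature check via the gpg CLI; None when gpg is not installed.
    Only meaningful if the signing key was fetched from an independent source."""
    if shutil.which("gpg") is None:
        return None
    result = subprocess.run(["gpg", "--batch", "--verify", sig_path, path],
                            capture_output=True)
    return result.returncode == 0

def demo():
    """Constructed sample: a fake tarball, its genuine MD5 line, and a modified
    copy with the same name that the checksum comparison rejects."""
    tmp = tempfile.mkdtemp()
    good = os.path.join(tmp, "proftpd-1.3.3d.tar.gz")  # constructed contents
    with open(good, "wb") as f:
        f.write(b"constructed tarball contents\n")
    line = f"{file_digest(good, 'md5')}  proftpd-1.3.3d.tar.gz"
    bad = os.path.join(tmp, "tampered", "proftpd-1.3.3d.tar.gz")
    os.makedirs(os.path.dirname(bad))
    with open(bad, "wb") as f:
        f.write(b"constructed tarball contents\n" + b"extra\n")
    return {"genuine": verify_checksum(good, line),
            "tampered": verify_checksum(bad, line)}
```

When the distribution server itself has been compromised, as in this incident, a checksum file hosted beside the tarball can be replaced along with it, so the checksum alone only detects accidental corruption; the PGP signature, checked against a key obtained from an independent source, is the part that detects a substituted archive.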
» SPAMfighter News - 01-01-2011