FreeBSD : proftpd -- Compromised source packages backdoor (ed7fa1b4-ff59-11df-9759-080027284eaa)

High Nessus Plugin ID 50980


The remote FreeBSD host is missing a security-related update.


The ProFTPD Project team reports :

The security issue is caused due to the distribution of compromised ProFTPD 1.3.3c source code packages via the project's main FTP server and all of the mirror servers, which contain a backdoor allowing remote root access.


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 50980

File Name: freebsd_pkg_ed7fa1b4ff5911df9759080027284eaa.nasl

Version: $Revision: 1.5 $

Type: local

Published: 2010/12/06

Modified: 2013/06/22

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:proftpd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2010/12/04

Vulnerability Publication Date: 2010/11/28

Reference Information

Secunia: 42449