Mandriva Linux Security Advisory : proftpd (MDVSA-2013:245)
Medium Nessus Plugin ID 70300
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been discovered and corrected in proftpd :
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation (CVE-2013-4359).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.