Submitted by agentbleu on Sun, 06/07/2015 - 10:17
I've got ProFTPD 1.3.4a Server (Debian)
the exploit https://security-tracker.debian.org/tracker/CVE-2015-3306
needed is clear instructions on howto upgrade proftpd
thanks guys
Status:
Active
Comments
Submitted by agentbleu on Sun, 06/07/2015 - 10:19 Comment #1
root@tools:/tmp# more /etc/*-release :::::::::::::: /etc/lsb-release :::::::::::::: DISTRIB_ID=Ubuntu DISTRIB_RELEASE=12.04 DISTRIB_CODENAME=precise DISTRIB_DESCRIPTION="Ubuntu 12.04.5 LTS" :::::::::::::: /etc/os-release :::::::::::::: NAME="Ubuntu" VERSION="12.04.5 LTS, Precise Pangolin" ID=ubuntu ID_LIKE=debian PRETTY_NAME="Ubuntu precise (12.04.5 LTS)" VERSION_ID="12.04"
Virtualmin version 4.17.gpl
Submitted by agentbleu on Sun, 06/07/2015 - 10:20 Comment #2
Submitted by agentbleu on Sun, 06/07/2015 - 10:21 Comment #3
https://www.exploit-db.com/exploits/36742/
Submitted by agentbleu on Sun, 06/07/2015 - 10:23 Comment #4
in /tmp
-rw-r--r-- 1 proftpd nogroup 81 May 25 09:17 '97055
'
Submitted by JamieCameron on Sun, 06/07/2015 - 12:51 Comment #5
You should be able to run
apt-get install proftpd, assuming that Debian has released an updated package.Submitted by andreychek on Sun, 06/07/2015 - 16:28 Comment #6
Howdy -- yeah, the ProFTPd package isn't something we supply, but as soon as Debian updates their package, you'll be able to upgrade to it using apt as Jamie showed above.