[Bug 905252] [NEW] CVE-2011-4130
Launchpad Bug Tracker
905252 at bugs.launchpad.net
Fri Dec 16 16:14:13 UTC 2011
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Ubuntu Foundation's Bug Bot (crichton):
Description
Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g
allows remote authenticated users to execute arbitrary code via vectors
involving an error that occurs after an FTP data transfer.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4130
- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4130
- https://launchpad.net/bugs/cve/CVE-2011-4130
- http://security-tracker.debian.net/tracker/CVE-2011-4130
Effected:
- Lucid
- Maverick
- Natty
- Oneiric
** Affects: proftpd-dfsg (Ubuntu)
Importance: Undecided
Assignee: Mahyuddin Susanto (udienz)
Status: In Progress
** Tags: patch
--
CVE-2011-4130
https://bugs.launchpad.net/bugs/905252
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.
More information about the Ubuntu-sponsors
mailing list