Your message dated Sun, 19 Apr 2009 18:10:55 +0200
with message-id <[email protected]>
and subject line Re: Bug#524646: SQL Injection in proftpd 1.3.0
has caused the Debian Bug report #524646,
regarding SQL Injection in proftpd 1.3.0
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
524646: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524646
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: proftpd
Version 1.3.0
There is a bug in the proftpd Packeage where the hacker can execute SQL
Injection on the Server. And then the hacker is can upload and execute an
*.cgi script, that makes the server to an SPAM Server.
Thers a new version available (1.3.2), in this version the bug is fixed,
please update it in the stable source of debian etch/lenny.
Thank you
System: Debian Etch 4.0 Kernel: 2.6.20-xen-r6
--
Kevin Haag
Güttingerstrasse 27, 8593 Kesswil
Tel. +41 71 460 05 25; Fax +41 71 460 05 26
Mobil: +41 79 602 30 93
[email protected]
--- End Message ---
--- Begin Message ---
Version: 1.3.1-17lenny2
Hi,
* Kevin Haag <[email protected]> [2009-04-19 14:45]:
> Package: proftpd
> Version 1.3.0
>
> There is a bug in the proftpd Packeage where the hacker can execute SQL
> Injection on the Server. And then the hacker is can upload and execute an
> *.cgi script, that makes the server to an SPAM Server.
> Thers a new version available (1.3.2), in this version the bug is fixed,
> please update it in the stable source of debian etch/lenny.
Please add a reference and the security tag in the future.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - [email protected] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgp23qGpzu8jI.pgp
Description: PGP signature
--- End Message ---
