*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Tyler Hicks (tyhicks):
The CVE-2015-3306 problem is arround for some time now and is not fixed in 12.04 and 14.04 LTS versions. http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-3306.html I also tested it with telnet. I can copy files without any authentication if mod_copy is enabled (mod_copy is per default enabled!) The module is very usefull. I would be happy if I can re enable it on my servers. Debian and other distributions have already fix this in their systems. http://bugs.proftpd.org/show_bug.cgi?id=4169 https://security-tracker.debian.org/tracker/CVE-2015-3306 Is there a special reason why this still not fixed on the LTS versions of Ubuntu? ** Affects: proftpd-dfsg (Ubuntu) Importance: Undecided Status: Incomplete ** Tags: cve-2015-3306 -- proftpd mod_copy issue (CVE-2015-3306) https://bugs.launchpad.net/bugs/1462311 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
