ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,055
More than one million ProFTPD servers are vulnerable to remote code execution and information disclosure attacks that could be triggered after successful exploitation of an arbitrary file copy vulnerability.

ProFTPd is an open-source and cross-platform FTP server with support for most UNIX-like systems and Windows, and one of the most popular ones targeting the UNIX-based platforms along with Pure-FTPd and vsftpd.

All ProFTPd versions up to and including 1.3.5b are impacted by the vulnerability which enables remote attackers to execute arbitrary code without the need to authenticate and with the user rights of the ProFTPD service after successful exploitation.

The security flaw tracked as CVE-2019-12815 (Debian, SUSE, Ubuntu) was identified in the mod_copy module by Tobias Mädel and it was reported to ProFTPd's security team on September 28, with the patched ProFTPd 1.3.6 version having been released on July 17.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top