PT-2001-2585 · Proftpd · Proftpd
Published: 2001-12-31 · Updated: 2017-12-19 · CVE-2001-1500
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
ProFTPD versions 1.2.2rc2 and possibly other versions
Description
The issue allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged. The cause is improper verification of reverse-resolved hostnames: no forward resolution is performed on the hostname returned by the reverse lookup.
Recommendations
For ProFTPD version 1.2.2rc2, consider updating to a newer version that properly verifies hostnames to prevent ACL bypass and incorrect logging.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
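The check the description says is missing is a forward-confirmed reverse lookup: the name from the reverse (PTR) lookup is accepted only if it resolves forward to the connecting address. The sketch below is an added example, not ProFTPD code and not part of this advisory; the function names, addresses and hostnames are constructed, and the resolvers are injectable so the sample data runs offline.

```python
import ipaddress
import socket


def reverse_lookup(ip):
    """PTR lookup: names claimed by whoever controls the reverse zone."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name, *aliases]


def forward_lookup(name):
    """A/AAAA lookup: addresses published by the name's own zone."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []


def verified_hostname(ip, reverse=reverse_lookup, forward=forward_lookup):
    """Return a PTR name only if it resolves forward to ip, else None."""
    peer = ipaddress.ip_address(ip)
    for name in reverse(ip):
        for addr in forward(name):
            try:
                if ipaddress.ip_address(addr) == peer:
                    return name.rstrip(".").lower()
            except ValueError:  # e.g. scoped IPv6 literal; skip it
                continue
    return None


def acl_subject(ip, **resolvers):
    """Value to match host ACLs against and to log: verified name or raw IP."""
    return verified_hostname(ip, **resolvers) or ip


# Constructed sample data (documentation address ranges, made-up names).
PTR = {"203.0.113.9": ["ftp.trusted.example"],   # PTR set by the client's side
       "198.51.100.7": ["ftp.trusted.example"]}  # the genuine host
A = {"ftp.trusted.example": ["198.51.100.7"]}


def demo(ip):
    return acl_subject(ip, reverse=lambda i: PTR.get(i, []),
                       forward=lambda n: A.get(n, []))
```

With the sample data, the address whose PTR record merely claims the trusted name falls back to its IP for both ACL matching and logging, while the genuine host keeps its name.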
Affected Products
Proftpd