Title: ProFTPD: Local privilege escalation Date: February 13, 2007
Norman
14th February 2007, 09:46
Careful people. Apparently there's a new proftpd root exploit 0-day.
I don't know if the "perfect" setups from Howtoforge are vulnerable, hopefully they won't be if they're run in a jail environment. However, I'd be a little bit careful the next few days.
martinfst
14th February 2007, 10:15
Can you supply a link to where this exploit is mentioned? My Google search returned: http://www.coresecurity.com/?module=ContentMod&action=item&id=1594
......
The vulnerability is located in the "Controls" module. This is an optional feature of the ProFTPD server that must be activated in the configuration file. Controls are a way to communicate directly with a standalone ProFTPD daemon while it is running. This provides administrators a way to alter the daemon's behavior in real time, without having to restart the daemon and have it re-read its configuration. The Controls feature allows authorized users to locally manage parameters of the ProFTPD servers, like aborting connections, managing users, changing log levels, disabling individual virtual servers, etc.
The vulnerability allows local attackers with access to the Controls features (and who have been allowed by Controls ACLs in proftpd.conf) to gain root privileges.
......
This is only applicable for ISPConfig users who have modified the default install. Also this is a rather "old" security notice (Dec 13, 2006), so I'm not sure if you refer to this exploit.
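Since the advisory quoted above says the Controls module is optional and only active when switched on in the configuration file, the practical check for an administrator is whether proftpd.conf enables it and who the ACLs admit. The following script is an added example for this thread, not something posted by any of its participants or shipped by ProFTPD; the directive names ControlsEngine, ControlsSocket and ControlsACLs are taken from the mod_ctrls documentation, and the sample config it audits is constructed for the demonstration.

```shell
#!/bin/sh
# Added example: report whether ProFTPD's Controls feature (mod_ctrls) is
# enabled in a given proftpd.conf and, if so, which ACLs grant access to it.
# Directive names come from the mod_ctrls docs; the sample config is constructed.

# controls_enabled FILE -> exit status 0 if an uncommented "ControlsEngine on" exists
controls_enabled() {
    grep -Eiq '^[[:space:]]*ControlsEngine[[:space:]]+on' "$1"
}

# controls_acls FILE -> print the uncommented ControlsACLs lines (who may use controls)
controls_acls() {
    grep -Ei '^[[:space:]]*ControlsACLs[[:space:]]' "$1" || :
}

# audit_conf FILE -> human-readable summary; always returns 0 so it can run at top level
audit_conf() {
    if controls_enabled "$1"; then
        echo "Controls feature is ENABLED in $1; review who is allowed:"
        controls_acls "$1"
    else
        echo "Controls feature is not enabled in $1"
    fi
}

# Constructed sample: Controls enabled, with a commented-out line that must be ignored
SAMPLE_CONF="${TMPDIR:-/tmp}/proftpd-sample.conf"
cat > "$SAMPLE_CONF" <<'EOF'
ServerName   "Sample FTP"
# ControlsEngine on        <- commented out, must not count
ControlsEngine on
ControlsSocket /var/run/proftpd/proftpd.sock
ControlsACLs all allow group ftpadm
EOF

audit_conf "$SAMPLE_CONF"
```

Run it against a real configuration with `audit_conf /etc/proftpd/proftpd.conf` (path varies by distribution); a setup that never mentions ControlsEngine, as the Howtoforge guides discussed here reportedly do not, reports the feature as not enabled.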
Norman
14th February 2007, 12:28
It's a bellua.com security consultant who notified me of this exploit. I don't have the actual source to this exploit, but I'd just be a bit careful the coming days until they've issued a patch for this issue.
edge
14th February 2007, 12:38
Thanks for the info. Will keep an eye on my ProFTP (running in user jailed mode).
till
14th February 2007, 12:47
As far as I know, the controls feature is not activated in any of the perfect setup guides. But every administrator should install all available updates and patches from his Linux distribution regularly.