Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th August 2005, 12:01
domino domino is offline
Senior Member
 
Join Date: Aug 2005
Posts: 364
Thanks: 0
Thanked 9 Times in 8 Posts
Default ProFTPD potential security hole

I have had this message lurking on top of my WHM Panel. Maybe some my take hed to the warning since most of us do use it

Quote:
Security At this time, it is recommended that all customers using proftpd Switch to pure-ftpd as soon as possible to eliminate a potential security hole. Please note that all released versions of proftpd are belived to be affected and the exact problem is not yet known. Customers who experience the problems switching are welcomed to bypass the normal support procedure and submit a ticket directly at cpanel.net.

Severity: High
Reply With Quote
Sponsored Links
  #2  
Old 18th August 2005, 12:14
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,478
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

Quote:
Originally Posted by domino
I have had this message lurking on top of my WHM Panel. Maybe some my take hed to the warning since most of us do use it
Hello,

as far as i know is this security hole related only to SQL-based installs. ISPConfig does not use the SQL functions in proftpd. But maybe anyone else knows if also non-sql setups are affected.

Till
Reply With Quote
  #3  
Old 18th August 2005, 12:52
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,478
Thanks: 813
Thanked 5,255 Times in 4,121 Posts
Default

Maybe a switch to pureftpd as option makes sense for the next versions because proftpd has a long history of bugs
Reply With Quote
  #4  
Old 19th August 2005, 03:25
domino domino is offline
Senior Member
 
Join Date: Aug 2005
Posts: 364
Thanks: 0
Thanked 9 Times in 8 Posts
 
Thumbs up

Quote:
Originally Posted by till
Maybe a switch to pureftpd as option makes sense for the next versions because proftpd has a long history of bugs
YES PLEASE!! And as far as I know, It's faster with login and handshakes. Plus it uses less memory than proftpd. That would be great! How about just add it as a plug-in as you did with phpMyAdmin, and Webmail? Is that feasable?

Edit: PS. Even better glftpd? I would love to run scripts on my ftp client without having to log into shell Adn there are so many other things you can do with glftpd

Last edited by domino; 19th August 2005 at 03:37.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ProFTPD Logins and Authentication pete General 9 14th August 2005 23:24


All times are GMT +2. The time now is 23:36.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.