ProFTPD Compromised

SourceForge has posted an announcement about the compromise of the ProFTPD source and the insertion of a backdoor. An attacker compromised the main ftp.proftpd.org site on November 28, 2010, which means that anybody who downloaded ProFTPD between then and December 1, 2010 may be running a version with backdoor code.

Apparently the original compromise exploited an unpatched vulnerability in ProFTPD itself, so even if you did not install the backdoored version, you may be running vulnerable software. Get ’er updated.
