| |||||||||||||||||||
Mageia alert MGASA-2013-0024 (proftpd)
MGASA-2013-0024 Date: February 6th, 2013 Affected releases: 2 Media: Core Description: Updated proftpd packages fix security vulnerability: It has been discovered that in ProFTPd, an FTP server, an attacker on the same physical host as the server may be able to perform a symlink attack allowing to elevate privileges in some configurations (CVE-2012-6095). Updated Packages: i586: proftpd-1.3.3g-1.2.mga2.i586.rpm proftpd-devel-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_autohost-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_ban-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_case-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_ctrls_admin-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_gss-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_ifsession-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_ldap-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_load-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_quotatab-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_quotatab_file-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_quotatab_ldap-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_quotatab_radius-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_quotatab_sql-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_radius-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_ratio-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_rewrite-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_sftp-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_shaper-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_site_misc-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_sql-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_sql_mysql-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_sql_passwd-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_sql_postgres-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_time-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_tls-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_vroot-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_wrap-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_wrap_file-1.3.3g-1.2.mga2.i586.rpm proftpd-mod_wrap_sql-1.3.3g-1.2.mga2.i586.rpm proftpd-debug-1.3.3g-1.2.mga2.i586.rpm x86_64: proftpd-1.3.3g-1.2.mga2.x86_64.rpm proftpd-devel-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_autohost-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_ban-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_case-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_ctrls_admin-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_gss-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_ifsession-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_ldap-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_load-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_quotatab-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_quotatab_file-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_quotatab_ldap-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_quotatab_radius-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_quotatab_sql-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_radius-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_ratio-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_rewrite-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_sftp-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_shaper-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_site_misc-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_sql-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_sql_mysql-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_sql_passwd-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_sql_postgres-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_time-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_tls-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_vroot-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_wrap-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_wrap_file-1.3.3g-1.2.mga2.x86_64.rpm proftpd-mod_wrap_sql-1.3.3g-1.2.mga2.x86_64.rpm proftpd-debug-1.3.3g-1.2.mga2.x86_64.rpm SRPMS: proftpd-1.3.3g-1.2.mga2.src.rpm References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6095 http://www.debian.org/security/2013/dsa-2606 https://bugs.mageia.org/show_bug.cgi?id=8691 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-... (Log in to post comments)
|
|||||||||||||||||||