Slashdot Mirror

← Back to Stories (view on slashdot.org)

ProFTPD.org Compromised, Backdoor Distributed

Posted by CmdrTaco on Thursday December 2, 2010 @01:40AM from the scary-world-we-live-in dept.

Orome1 writes "A warning has been issued by the developers of ProFTPD, the popular FTP server software, about a compromise of the main distribution server of the software project that resulted in attackers exchanging the offered source files for ProFTPD 1.3.3c with a version containing a backdoor. It is thought that the attackers took advantage of an unpatched security flaw in the FTP daemon in order to gain access to the server."

4 of 152 comments (clear)

Min score:

Reason:

Sort:

Should have used vsftpd by sparkz · 2010-12-02 01:47 · Score: 4, Funny

Oh, the irony

--
Author, Shell Scripting : Expert Re
Re:FTP by Rhaban · 2010-12-02 01:57 · Score: 4, Funny

People still use Joomla?
Wait, what was the hole again? by jonaskoelker · 2010-12-02 02:40 · Score: 4, Funny

resulted in attackers exchanging the offered source files for ProFTPD 1.3.3c with a version containing a backdoor. It is thought that the attackers took advantage of an unpatched security flaw in the FTP daemon in order to gain access to the server.
So instead of downloading an FTP server with a security hole, you could download one with... a security hole.
Re:not on Debian stable by Anonymous Coward · 2010-12-02 02:53 · Score: 2, Funny

thankfully that fancy new version will be available from official repository for Debian stable in about 100 years or so..
That newfangled FTP protocol is still pretty new to the Debian Stable folks.