On 12.05.2011 18:23, Andrei Caraman wrote:
Hi Andrei,
> Package: proftpd-basic
> Version: 1.3.3a-6squeeze1
> Severity: grave
> Tags: security
> Justification: user security hole
>
https://bugs.debian.org/626524
Please read below.
> After adding the "DefaultAddress 127.0.0.1" in the server conf
It seems the observed behaviour is almost as designed, and in order to
restrict access to localhost only, one needs to also set
SocketBindTight on
in addition to
DefaultAddress 127.0.0.1
After adding "SocketBindTight on", netstat shows
# netstat -tlpe
Active Internet connect
Package: proftpd-basic
Version: 1.3.3a-6squeeze1
Severity: grave
Tags: security
Justification: user security hole
After adding the "DefaultAddress 127.0.0.1" in the server config section and
restarting proftpd-basic, I can see
# /etc/init.d/proftpd restart
Stopping ftp server: proftpd.
Starting
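
The pairing described in the reply above (a loopback `DefaultAddress` only restricts the listener when `SocketBindTight on` is also set) can be audited with a small script. This is an added example, not part of the thread or of ProFTPD; the function names, the constructed sample config, the numeric `netstat -tln` input format and port 21 are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): check that a loopback DefaultAddress
# is paired with "SocketBindTight on", and spot wildcard FTP listeners.

# Last value set for a directive; comment lines are skipped and the name is
# matched case-insensitively. Simplification: <VirtualHost> scoping is ignored.
directive_value() {  # $1 = directive name, $2 = config file
    awk -v d="$1" 'BEGIN { d = tolower(d) }
        /^[ \t]*#/ { next }
        tolower($1) == d { v = $2 }
        END { print v }' "$2"
}

# Prints one of: tight | loopback-not-tight | no-loopback-default
check_bind() {  # $1 = config file
    addr=$(directive_value DefaultAddress "$1")
    tight=$(directive_value SocketBindTight "$1" | tr 'A-Z' 'a-z')
    case "$addr" in
        127.*|::1|localhost) ;;
        *) echo "no-loopback-default"; return 0 ;;
    esac
    # Only "on", the spelling used in the thread, counts as tight here.
    if [ "$tight" = "on" ]; then echo "tight"; else echo "loopback-not-tight"; fi
}

# Reads `netstat -tln` style lines on stdin and prints local addresses that
# listen on every interface for port 21 (assumed: the default FTP port).
wildcard_ftp_listeners() {
    awk '$6 == "LISTEN" && ($4 == "0.0.0.0:21" || $4 == ":::21") { print $4 }'
}

# Constructed sample config: the setup described in the original report.
conf=$(mktemp)
printf '%s\n' 'ServerName "test"' '# SocketBindTight on' \
    'DefaultAddress 127.0.0.1' > "$conf"
echo "before: $(check_bind "$conf")"
echo 'SocketBindTight on' >> "$conf"
echo "after:  $(check_bind "$conf")"
rm -f "$conf"
```

On a live host, `check_bind` would be pointed at the server's own configuration file and `wildcard_ftp_listeners` fed from `netstat -tln`.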