Open source FTP server ProFTPD backdoor discovered

Source: Internet
Author: User

The popular open-source FTP server ProFTPD recently found a backdoor in the code. After a ProFTPD Server version containing a backdoor is installed, attackers can obtain system control permissions. The attacker's IP address is from Saudi Arabia. In this version, enter the command "help acidbitchez" to display a root shell. The attacker exploited an unrepaired 0-day vulnerability. The affected version is ProFTPD 1.3.3c downloaded from the official image on January 1, November 28-2.

The H has an article about a back door that was recently put into the ProFTPD server code. "The back door provides the attackers with complete access to systems on which the modified version of the server has been installed. on installation, the modified version informs the group behind the back door by contacting an IP address in the Saudi Arabia area. entering the command 'help acidbitchez' results in the modified server displaying a root shell. [...] ironically, to place their back door, the attackers used a zero day vulnerability in ProFTPD itself, which the developers were using to make the source code available to users. "(Thanks to Jan-Frode Myklebust who gave us a heads-up about this issue ).

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.