ALL >> Computers >> View Article
Open-source Ftp Application Compromised. Information Security Experts Analyze The Vulnerability
Over the recent years, IT security has become the buzz word. The rising threat profile in the cyberspace has made it inevitable for software developers and vendors of security products to place greater emphasis on security. Hackers are waiting to explore all forms of vulnerabilities. The recent acquisition of security solutions firm - McAfee by Intel indicates the imminent challenges involved for software developers.
Of late, Websites have been one of the prime targets for hacking attacks. Breach of a webpage, may result in unauthorized access to the associated databases. Therefore, it is important to have secured underlying server software. Recently, information security professionals reported breach of ProFTPD, File Transfer Protocol (FTP) server software. Hackers exploited an existing unpatched weakness in the FTP application to gain access to the ProFTPD's main distribution server. On gaining access to the main server, the intruders inserted a backdoor in place of the source files. The attack affects the ...
... latest version 1.3.3c and associated mirror servers. The source code of ProFTPD is free available and can be altered by anyone with malicious intentions. Usually, organizations use ethical hacking to identify the weaknesses for taking corrective measures. In this case, unknown hackers exploited an unpatched vulnerability on the affected system.
Incidentally, the intrusion follows a recent attack on another free software repository by hackers. ProFTPD is used by websites of many organizations including Harvard Law School, abebooks.com, SourceForge, Frontier Internet, Daresbury Laboratory and Linksys among others. Information Security researchers behind ProFTPD project have warned clients, who have downloaded the recent version of the software to check for security compromises. The backdoors allows attackers to gain remote access to the root access of the compromised system. However, the researchers have confirmed that source code embedded in the CVS, which examines the alterations in files, remains unaffected.
Users who have downloaded the compromised ProFTPD version may protect their systems from further compromise by installing an unaffected version of the software. The ProFTPD website lists the PGP signatures to enable sites driven by ProFTPD software to verify whether the source files installed by them are compromised.
Contact Press
EC-Council
iclass@eccouncil.org
Add Comment
Computers Articles
1. Spark Matrix™: Multi-carrier Parcel Management SolutionsAuthor: Umangp
2. Best Odoo Erp Software Company In Dubai For Business Growth
Author: Mayur Meheshwari
3. Top Challenges Faced By Equipment Rental Companies In The Uae — And How Erp Solves Them
Author: Al murooj solutions
4. Spark Matrix™: Intelligent Virtual Assistants (iva)
Author: Umangp
5. Pos Software Designed For Retail Operations
Author: EPOS Direct
6. Erp System That Reduces Stress And Improves Productivity
Author: Shalijah
7. Spark Matrix™: Global Service Parts Planning Application
Author: Umangp
8. Spark Matrix™: Enterprise Information Archiving
Author: Umangp
9. Textideo: Transforming Text Into Engaging Ai-powered Videos For Modern Creators
Author: Ethan Walker
10. Spark Matrix™: Enterprise Ai Search
Author: Umangp
11. What Identity Governance Really Means In Modern Enterprises
Author: Mansoor Alam
12. Strategies For Successful Site Selection In Clinical Trials
Author: Giselle Bates
13. Simplifying Business Purchases With Smart, Reliable Procurement Solutions
Author: suma
14. How Businesses In Dubai Are Scaling Faster With Modern Erp Software
Author: Al murooj solutions
15. How To Choose The Right Weapon Tracking System: 7 Must-have Features
Author: 3PL Insights