ALL >> Computers >> View Article
Open-source Ftp Application Compromised. Information Security Experts Analyze The Vulnerability
Over the recent years, IT security has become the buzz word. The rising threat profile in the cyberspace has made it inevitable for software developers and vendors of security products to place greater emphasis on security. Hackers are waiting to explore all forms of vulnerabilities. The recent acquisition of security solutions firm - McAfee by Intel indicates the imminent challenges involved for software developers.
Of late, Websites have been one of the prime targets for hacking attacks. Breach of a webpage, may result in unauthorized access to the associated databases. Therefore, it is important to have secured underlying server software. Recently, information security professionals reported breach of ProFTPD, File Transfer Protocol (FTP) server software. Hackers exploited an existing unpatched weakness in the FTP application to gain access to the ProFTPD's main distribution server. On gaining access to the main server, the intruders inserted a backdoor in place of the source files. The attack affects the ...
... latest version 1.3.3c and associated mirror servers. The source code of ProFTPD is free available and can be altered by anyone with malicious intentions. Usually, organizations use ethical hacking to identify the weaknesses for taking corrective measures. In this case, unknown hackers exploited an unpatched vulnerability on the affected system.
Incidentally, the intrusion follows a recent attack on another free software repository by hackers. ProFTPD is used by websites of many organizations including Harvard Law School, abebooks.com, SourceForge, Frontier Internet, Daresbury Laboratory and Linksys among others. Information Security researchers behind ProFTPD project have warned clients, who have downloaded the recent version of the software to check for security compromises. The backdoors allows attackers to gain remote access to the root access of the compromised system. However, the researchers have confirmed that source code embedded in the CVS, which examines the alterations in files, remains unaffected.
Users who have downloaded the compromised ProFTPD version may protect their systems from further compromise by installing an unaffected version of the software. The ProFTPD website lists the PGP signatures to enable sites driven by ProFTPD software to verify whether the source files installed by them are compromised.
Contact Press
EC-Council
iclass@eccouncil.org
Add Comment
Computers Articles
1. Time Attendance Management System At Only 1sgd Per MonthAuthor: James
2. Nfc Guard Tour System Singapore @ 30sgd Per Month
Author: James
3. Virtual Guard Fencing @ 30sgd Per Month
Author: James
4. Guard Patrol Tour System @ 30sgd Per Month
Author: James
5. Best Payroll Software In Singapore @ Exiga Software
Author: James
6. Smart Barcode Gps Time Management Singapore
Author: James
7. Future Of Ccaas: Predictions For Customer Service Innovation Beyond 2026
Author: Umangp
8. Hire Affordable Android App Developers For Custom Mobile Solutions
Author: web panel solutions
9. Top Ai Development Mistakes And How To Avoid Them
Author: brainbell10
10. Social Media Platforms & Their Evolving Role In Search Engine Marketing (sem) In 2026
Author: sochtek
11. Best Shopify Web Design Company Delivering Scalable E-commerce Solutions
Author: web panel solutions
12. Why Do Certified Technicians Matter In Computer Repairs?
Author: computerrepairservices
13. Quality Assurance Tutorial: Everything You Must Know To Build High-quality Software
Author: Tech Point
14. Understanding Manual Testing In Simple Words
Author: Tech Point
15. How Is The Dish Antennas Market Evolving With New Technologies?
Author: komal