exploits , vulnerabilities , articles , ProFTPD AUTH Multiple Authentication Module Security Bypass Vulnerability

Title	ProFTPD AUTH Multiple Authentication Module Security Bypass Vulnerability
Published	2007-04-18-12:00AM
Updated	2007-04-18-05:21PM
Class	Design Error
CVE
Remote	Yes
Local	No
Credit	Evgeni Golov is credited with the discovery of this vulnerability.
Vulnerable	ProFTPD Project ProFTPD 1.3 rc3 ProFTPD Project ProFTPD 1.3 a ProFTPD Project ProFTPD 1.3 .0rc2 ProFTPD Project ProFTPD 1.3 .0rc1 ProFTPD Project ProFTPD 1.3 ProFTPD Project ProFTPD 1.2.10 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia64 Debian Linux 3.1 ia32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 ProFTPD Project ProFTPD 1.2.9 rc3 ProFTPD Project ProFTPD 1.2.9 rc2 ProFTPD Project ProFTPD 1.2.9 rc1 ProFTPD Project ProFTPD 1.2.9 MandrakeSoft Linux Mandrake 10.0 OpenPKG OpenPKG 2.0 OpenPKG OpenPKG 1.3 OpenPKG OpenPKG Current Slackware Linux 9.1 Slackware Linux 9.0 Slackware Linux 8.1 Slackware Linux current ProFTPD Project ProFTPD 1.2.8 rc2 ProFTPD Project ProFTPD 1.2.8 rc1 ProFTPD Project ProFTPD 1.2.8 Slackware Linux 9.0 Slackware Linux 8.1 Slackware Linux current ProFTPD Project ProFTPD 1.2.7 rc3 ProFTPD Project ProFTPD 1.2.7 rc2 ProFTPD Project ProFTPD 1.2.7 rc1 ProFTPD Project ProFTPD 1.2.7 Sun Cobalt Qube 3 ProFTPD Project ProFTPD 1.2.6 ProFTPD Project ProFTPD 1.2.5 rc1 ProFTPD Project ProFTPD 1.2.5 ProFTPD Project ProFTPD 1.2.4 Debian Linux 3.0 sparc Debian Linux 3.0 s/390 Debian Linux 3.0 ppc Debian Linux 3.0 mipsel Debian Linux 3.0 mips Debian Linux 3.0 m68k Debian Linux 3.0 ia64 Debian Linux 3.0 ia32 Debian Linux 3.0 hppa Debian Linux 3.0 arm Debian Linux 3.0 alpha Debian Linux 3.0 ProFTPD Project ProFTPD 1.2.3 ProFTPD Project ProFTPD 1.2.2 rc3 ProFTPD Project ProFTPD 1.2.2 rc1 ProFTPD Project ProFTPD 1.2.2 ProFTPD Project ProFTPD 1.2.1 ProFTPD Project ProFTPD 1.2 pre9 ProFTPD Project ProFTPD 1.2 pre8 ProFTPD Project ProFTPD 1.2 pre7 ProFTPD Project ProFTPD 1.2 pre6 ProFTPD Project ProFTPD 1.2 pre5 ProFTPD Project ProFTPD 1.2 pre4 ProFTPD Project ProFTPD 1.2 pre3 ProFTPD Project ProFTPD 1.2 pre2 ProFTPD Project ProFTPD 1.2 pre11 ProFTPD Project ProFTPD 1.2 pre10 ProFTPD Project ProFTPD 1.2 pre1 ProFTPD Project ProFTPD 1.2 .0rc3 Conectiva Linux 7.0 Conectiva Linux 6.0 Conectiva Linux 5.1 Conectiva Linux 5.0 Conectiva Linux graficas Conectiva Linux ecommerce MandrakeSoft Linux Mandrake 8.1 ia64 MandrakeSoft Linux Mandrake 8.1 MandrakeSoft Linux Mandrake 8.0 ppc MandrakeSoft Linux Mandrake 8.0 MandrakeSoft Linux Mandrake 7.2 ProFTPD Project ProFTPD 1.2 .0rc2 ProFTPD Project ProFTPD 1.2 .0rc1 ProFTPD Project ProFTPD 1.2 Cobalt Qube 3.0 Cobalt Qube 2.0 Cobalt RaQ 3.0 Cobalt RaQ 2.0 Cobalt RaQ 1.1
Not Vulnerable
Code	Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:content@securitydot.net.
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-16 Horde Application Framework Administration Interface Cross-Site Scripting Vulnerability
2009-12-16 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities
2009-12-16 Merkaartor Insecure Temporary File Creation Vulnerability
2009-12-15 TYPO3 Watchdog (aba_watchdog) Unspecified Information Disclosure Vulnerability
2009-12-15 PostgreSQL Index Function Session State Modification Local Privilege Escalation Vulnerability
2009-12-15 PostgreSQL NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
2009-12-15 IBM DB2 prior to 9.5 Fix Pack 5 Multiple Unspecified Security Vulnerabilities
2009-12-15 Sun Ray Server Software Desktop Session Handling Local Security Bypass Vulnerability
2009-12-15 Mozilla Firefox Sage Extension RSS Feeds Cross Domain Scripting Vulnerability
2009-12-15 Adobe Reader and Acrobat (CVE-2009-4324) Remote Code Execution Vulnerability