CyberNews Briefs

ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers

A security researcher has uncovered a critical security vulnerability in the ProFTPD service that puts over a million servers at risk of remote code execution and information disclosure attacks. Even though the flaw was disclosed to ProFTP in September of last year, there is still no patch available. However, the threat can be mitigated by means of a workaround.

The vulnerability, tracked as CVE-2019-12815, affects the mod_copy module of ProFTPD in every single ProFTPD version. The workaround consists of disabling this module in the ProFTPd configuration file.

Read more: ProFTPD Remote Code Execution Bug Exposes Over 1 Million Servers

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.