FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pureftpd -- multiple vulnerabilities

Affected packages
pure-ftpd < 1.0.32

Details

VuXML ID 1495f931-8522-11e0-a1c1-00215c6a37bb
Discovery 2011-04-01
Entry 2011-05-23

Pure-FTPd development team reports:

Support for braces expansion in directory listings has been disabled -- Cf. CVE-2011-0418.

Fix a STARTTLS flaw similar to Postfix's CVE-2011-0411. If you're using TLS, upgrading is recommended.

References

Bugtraq ID 46767
CVE Name CVE-2011-0418
CVE Name CVE-2011-1575