CVE-2010-20103 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a…
Critical CVSS: 9.3

CVE-2010-20103

A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host.
Vendor
Proftpd
Product
Proftpd
CWE
CWE-912
Yayın Tarihi
2025-08-20 16:15:34
Güncelleme
2025-09-24 17:02:12
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-912 Proftpd CRITICAL Proftpd 2025

Referanslar

http://www.proftpd.org/ https://advisories.checkpoint.com/defense/advisories/public/2011/cpai-2010-151.html/ https://github.com/proftpd/proftpd https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb https://web.archive.org/web/20111107212129/http://rsync.proftpd.org/ https://www.exploit-db.com/exploits/15662 https://www.exploit-db.com/exploits/16921 https://www.vulncheck.com/advisories/proftpd-backdoor-command-execution https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/ftp/proftpd_133c_backdoor.rb https://www.exploit-db.com/exploits/15662 https://www.exploit-db.com/exploits/16921