Secure testing team - Nov 2010 - Bug#602288: proftpd-basic: Remote Code Execution Vulnerability in TELNET_IAC processing

Package: proftpd-basic
Version: 1.3.3a-4
Severity: grave
Tags: security patch
Justification: security hole

According to http://bugs.proftpd.org/show_bug.cgi?id=3521 and
http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3c, there is a remote code
execution vulnerability in proftpd since version 1.3.2rc3, which was
fixed in 1.3.3c. A patch fixing only this vulnerability is
available from the mentioned bug report page.
(http://bugs.proftpd.org/attachment.cgi?id=3436)