A vulnerability in ProFTPD could lead to a Denial of Service condition.
|Package||net-ftp/proftpd on all architectures|
|Affected versions||< 1.3.7a|
|Unaffected versions||>= 1.3.7a|
ProFTPD is an advanced and very configurable FTP server.
It was found that ProFTPD did not properly handle invalid SCP commands.
An authenticated remote attacker could issue invalid SCP commands, possibly resulting in a Denial of Service condition.
There is no known workaround at this time.
All ProFTPD users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-ftp/proftpd-1.3.7a"
September 13, 2020
September 13, 2020: 1