ProFTPD Client Hostname Resolving Vulnerability
ProFTPD contains a vulnerability which may allow remote attackers to bypass ProFTPD access control lists or have false information logged. ProFTPD does not forward-resolve reverse-resolved hostnames to verify that the client's IP address matches DNS records.
It may be possible for a remote attacker with control over address space to set an arbitrary hostname as the PTR record for the attacking address. This false hostname will be evaluated against the ProFTPD ACLs and recorded in log files.
L33tdawg: Information on the temporary workaround and the list of vulnerable versions is in the read more.
bugtraq id: 3310
class: Design Error
cve: CVE-MAP-NOMATCH
remote: Yes
local: No
published: September 07, 2001
updated: September 10, 2001
vulnerable:
ProFTPD Project ProFTPD 1.2pre9
ProFTPD Project ProFTPD 1.2pre8
ProFTPD Project ProFTPD 1.2pre7
ProFTPD Project ProFTPD 1.2pre6
ProFTPD Project ProFTPD 1.2pre5
ProFTPD Project ProFTPD 1.2pre4
ProFTPD Project ProFTPD 1.2pre3
ProFTPD Project ProFTPD 1.2pre2
ProFTPD Project ProFTPD 1.2pre11
ProFTPD Project ProFTPD 1.2pre10
ProFTPD Project ProFTPD 1.2pre1
ProFTPD Project ProFTPD 1.2
Solution: A workaround is to disable the 'UseReverseDNS' option in the configuration file.
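The forward-confirmation check that the description says is missing can be written as follows. This is an added example, not ProFTPD code: the function name `confirmed_hostname`, the injectable resolver parameters and the PTR/FWD tables (documentation address ranges, made-up hostnames) are assumptions made for illustration.

```python
import ipaddress
import socket


def _reverse(ip):
    """PTR lookup via the system resolver; returns a hostname or None."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None


def _forward(name):
    """A/AAAA lookup via the system resolver; returns a set of address strings."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()


def confirmed_hostname(ip, reverse=_reverse, forward=_forward):
    """Return the PTR name only if it forward-resolves back to `ip`.

    Otherwise return the IP literal, so ACL matching and logging fall back
    to the address instead of a name chosen by the address owner.
    """
    client = ipaddress.ip_address(ip)
    name = reverse(ip)
    if not name:
        return ip
    for addr in forward(name):
        try:
            # Strip any IPv6 zone id before comparing.
            if ipaddress.ip_address(addr.split("%")[0]) == client:
                return name.rstrip(".").lower()
        except ValueError:
            continue
    return ip


# Constructed sample data standing in for DNS answers.
PTR = {"203.0.113.7": "trusted.example.com", "198.51.100.9": "ftp.example.net"}
FWD = {"trusted.example.com": {"192.0.2.10"}, "ftp.example.net": {"198.51.100.9"}}


def demo():
    """Run the check over the constructed tables instead of live DNS."""
    return {ip: confirmed_hostname(ip, PTR.get, lambda n: FWD.get(n, set()))
            for ip in ("203.0.113.7", "198.51.100.9", "192.0.2.55")}
```

The first address claims a PTR name whose forward record points elsewhere, so the check falls back to the IP literal; only the second address keeps its hostname.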