Plesk : ProFTPD Remote Code Execution Vulnerability and Exploit

A flaw in the popular ProFTPD FTP server potentially allows unauthenticated attackers to compromise a server. The problem is caused by a buffer overflow in the pr_netio_telnet_gets() function for evaluating TELNET IAC sequences. ProFTPD bug report: http://bugs.proftpd.org/show_bug.cgi?id=3521 Parallels Plesk Panel 9.x, 9.5x and 10 include this vulnerability. Parallels will issue Micro Updates (hotfixes) for 9.5.2 […]