Advisories » MGASA-2015-0103

Updated vsftpd package fixes security vulnerability

Publication date: 10 Mar 2015
Modification date: 10 Mar 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-1419

Description

The vsftp daemon was not handling the "deny_file" option properly, allowing
unauthorized access in some specific scenarios (CVE-2015-1419).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=15436
• http://lists.opensuse.org/opensuse-updates/2015-03/msg00012.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1419

SRPMS

4/core

• vsftpd-3.0.2-4.1.mga4