ProFTPD pwned and backdoored

On 29 November the server that hosts the official ProFTPD download packages, and is the source for all other mirrors, was compromised and a backdoor was planted in the source. This seems to be the case only for the 1.3.3c version of ProFTPD.

Original quote from compromised

[01/Dec/2010] The ProFTPD Project team is sorry to announce that the Project’s main FTP server, as well as all of the mirror servers, have carried compromised versions of the ProFTPD 1.3.3c source code, from November 28 2010 to December 2 2010. All users who run versions of ProFTPD which have been downloaded and compiled in this time window are strongly advised to check their systems for security compromises and install unmodified versions of ProFTPD.

To verify the integrity of your source files, use the PGP signatures which can be found here as well as on the FTP servers.

The source code in CVS was not affected.

Thus if you grabbed 1.3.3c lately and set it up on your system, you’d better act upon it. More info on the subject and pointers on what to look for can be found here.
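A signature file fetched from the same server as the tarball only helps if the signing key itself is trusted independently, so the check should pin the key's fingerprint. The sketch below is an added example, not ProFTPD project code: it parses GnuPG's `--status-fd` output and accepts a file only when a valid signature comes from the pinned key. The fingerprint and the function names are assumptions made for illustration.

```python
import subprocess

# Assumption: fingerprint of the release signing key, obtained from a source
# other than the download server. This value is a constructed placeholder.
PINNED_FPR = "0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567"

# GnuPG status keywords that mean the signature must not be trusted.
REJECT = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}


def check_status(status_text, pinned_fpr=PINNED_FPR):
    """Decide from `gpg --status-fd` output whether to accept the file.

    Returns (accepted, reason). Acceptance needs a VALIDSIG line whose
    signing-key or primary-key fingerprint equals the pinned one.
    """
    pinned = "".join(pinned_fpr.split()).upper()
    seen = set()
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue
        if fields[1] in REJECT:
            return False, "gpg reported " + fields[1]
        if fields[1] == "VALIDSIG" and len(fields) > 2:
            seen.add(fields[2].upper())        # key that made the signature
            if len(fields) > 11:
                seen.add(fields[11].upper())   # its primary key
    if not seen:
        return False, "no valid signature found"
    if pinned not in seen:
        return False, "valid signature, but from an unpinned key"
    return True, "valid signature from pinned key"


def verify_release(tarball, signature, pinned_fpr=PINNED_FPR):
    """Run gpg on a detached signature and apply check_status to its output."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", signature, tarball],
        stdout=subprocess.PIPE, stderr=subprocess.DEVNULL, text=True)
    return check_status(proc.stdout, pinned_fpr)
```

`verify_release("proftpd-1.3.3c.tar.gz", "proftpd-1.3.3c.tar.gz.asc")` needs `gpg` installed and the release key already imported; the file names here are illustrative.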


Details about the pwnage here.

Kasper In The Sky Antivirus has been pwned to the fullest extent of shame! It’s probably because they have been smoking up up to the skies for too long, celebrating somewhat of a popularity on the AV market. A slap doesn’t hurt from time to time… just to keep them focused and concentrated. 😈