Antonio Morales discovered an user-after-free flaw in the memory pool allocator in ProFTPD, a powerful modular FTP/SFTP/FTPS server. Interrupting current data transfers can corrupt the ProFTPD memory pool, leading to denial of service, or potentially the execution of arbitrary
Archive for February 26th, 2020
4 results.
Comment
Qualys discovered that the OpenSMTPD SMTP server performed insufficient validation of SMTP commands, which could result in local privilege escalation or the execution of arbitrary code.
Fix privilege escalation (https://bugzilla.redhat.com/show_bug.cgi?id=1803499)
An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability