The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Pure-ftpd exploit.

Discussion in 'General Discussion' started by NickJ, Apr 26, 2007.

  1. NickJ

    NickJ Member

    Joined:
    Jun 16, 2004
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Nasik
    Hello,

    Is there any way to prevent the server exploit via pure-ftpd (BFD+Password crack)?
    All *index.* files were injected with some code as well as iframe code.
    As per the /var/log/message, all connection were made via pure-ftp, cracked the password of the accounts, download the file, inject code and upload it again.
    We have BFD and CSF running on server.
    Also, the version of pure-ftp is updated to latest version but still its happening.
    Any help would be really appreciated.

    Regards,
    NickJ
     
  2. MN-Robert

    MN-Robert Well-Known Member

    Joined:
    Feb 19, 2003
    Messages:
    203
    Likes Received:
    0
    Trophy Points:
    16
Loading...

Share This Page