Описание
Security update for vsftpd
vsftpd was updated to fix one security issue.
This security issue was fixed:
- CVE-2015-1419: vsftpd config option deny_file was not handled correctly (bnc#915522).
Note: deny_file shouldn't be used to restrict access, as stated in the documentation. Please use more reliable methods.
Список пакетов
SUSE Linux Enterprise Server 12
vsftpd-3.0.2-18.1
SUSE Linux Enterprise Server for SAP Applications 12
vsftpd-3.0.2-18.1
Ссылки
- Link for SUSE-SU-2015:0516-1
- E-Mail link for SUSE-SU-2015:0516-1
- SUSE Security Ratings
- SUSE Bug 900326
- SUSE Bug 915522
- SUSE CVE CVE-2015-1419 page
Описание
Unspecified vulnerability in vsftpd 3.0.2 and earlier allows remote attackers to bypass access restrictions via unknown vectors, related to deny_file parsing.
Затронутые продукты
SUSE Linux Enterprise Server 12:vsftpd-3.0.2-18.1
SUSE Linux Enterprise Server for SAP Applications 12:vsftpd-3.0.2-18.1
Ссылки
- CVE-2015-1419
- SUSE Bug 900326
- SUSE Bug 915522
- SUSE Bug 922024