December 2, 2010
in Open Source, Security
ProFTPD.org Compromised, ProFTPD 1.3.3c source distributed with backdoor.
A warning has been issued by the developers of ProFTPD, the popular FTP server software, about a compromise of the main distribution server of the software project that resulted in attackers exchanging the offered source files for ProFTPD 1.3.3c with a version containing a backdoor.
It is thought that the attackers took advantage of an unpatched security flaw in the FTP daemon in order to gain access to the server.
Via: Net Security