Lucene search
GoogleOSV:CVE-2019-19270HistoryNov 26, 2019 - 4:15 a.m.
CVE-2019-19270
2019-11-2604:15:12
Google
osv.dev
9
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server.
References
lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html
github.com/proftpd/proftpd/issues/859
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OGBBCPLJSDPFG5EI5P5G7P4KEX7YSD5G/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QR65XUHPCRU3NXTSFVF2J4GWRIHC7AHW/
Related
nvd
nvd
CVE-2019-19270
2019-11-26 04:15:12
ubuntucve
ubuntucve
CVE-2019-19270
2019-11-26 00:00:00
debiancve
debiancve
CVE-2019-19270
2019-11-26 04:15:12
cvelist
cvelist
CVE-2019-19270
2019-11-26 03:34:09
cve
cve
CVE-2019-19270
2019-11-26 04:15:12
prion
prion
Code injection
2019-11-26 04:15:00
openvas
openvas
ProFTPD < 1.3.6c CRL Vulnerability
2019-11-29 00:00:00
Fedora Update for proftpd FEDORA-2019-bfacf1e958
2020-01-09 00:00:00
Fedora Update for proftpd FEDORA-2019-65a983b8b6
2019-12-08 00:00:00
nessus
nessus
Fedora 30 : proftpd (2019-65a983b8b6)
2019-12-09 00:00:00
Fedora 31 : proftpd (2019-bfacf1e958)
2019-12-09 00:00:00
openSUSE Security Update : proftpd (openSUSE-2020-31)
2020-01-15 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: proftpd-1.3.6b-2.fc31
2019-12-08 01:16:57
[SECURITY] Fedora 30 Update: proftpd-1.3.6b-2.fc30
2019-12-08 01:03:48
[SECURITY] Fedora 31 Update: proftpd-1.3.6c-1.fc31
2020-02-27 17:33:53
suse
suse
Security update for proftpd (moderate)
2020-01-13 00:00:00