S
snowfire
Guest
ProFTPD 1.3.3e - PCI compliance scan failed
Hello
I just completed a clients container upgrade from 10.3 to 10.4.4 (media Temple Plesk Parallels panel) specifically to fix the issue with ProFTPD.
I just ran a new pci scan, and it failed on ProFtpD( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4130), It lists the solution as "upgrade to 1.3.3g".
current version: psa-proftpd 1.3.3e-cos5.build1013111101.14
according to the knowledgebase(http://www.parallels.com/products/plesk/documentation/proftpd/) the current version should be fine, is this true, should I contact security metrics and submit some type of mitigation?
Is this version available for upgrade? would I have to do a command line micro upgrade (my panel does not list any upgrades for the container)?
thank you for your help
Hello
I just completed a clients container upgrade from 10.3 to 10.4.4 (media Temple Plesk Parallels panel) specifically to fix the issue with ProFTPD.
I just ran a new pci scan, and it failed on ProFtpD( http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4130), It lists the solution as "upgrade to 1.3.3g".
current version: psa-proftpd 1.3.3e-cos5.build1013111101.14
according to the knowledgebase(http://www.parallels.com/products/plesk/documentation/proftpd/) the current version should be fine, is this true, should I contact security metrics and submit some type of mitigation?
Is this version available for upgrade? would I have to do a command line micro upgrade (my panel does not list any upgrades for the container)?
thank you for your help
Last edited by a moderator: