ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Proftpd | Proftpd_project | 1.2 | 1.2 |
| Proftpd | Proftpd_project | 1.2.0_rc3 | 1.2.0_rc3 |
| Proftpd | Proftpd_project | 1.2.1 | 1.2.1 |
| Proftpd | Proftpd_project | 1.2.2 | 1.2.2 |
| Proftpd | Proftpd_project | 1.2.2_rc1 | 1.2.2_rc1 |
| Proftpd | Proftpd_project | 1.2.2_rc2 | 1.2.2_rc2 |
| Proftpd | Proftpd_project | 1.2_pre1 | 1.2_pre1 |
| Proftpd | Proftpd_project | 1.2_pre2 | 1.2_pre2 |
| Proftpd | Proftpd_project | 1.2_pre3 | 1.2_pre3 |
| Proftpd | Proftpd_project | 1.2_pre4 | 1.2_pre4 |
| Proftpd | Proftpd_project | 1.2_pre5 | 1.2_pre5 |
| Proftpd | Proftpd_project | 1.2_pre6 | 1.2_pre6 |
| Proftpd | Proftpd_project | 1.2_pre7 | 1.2_pre7 |
| Proftpd | Proftpd_project | 1.2_pre8 | 1.2_pre8 |
| Proftpd | Proftpd_project | 1.2_pre9 | 1.2_pre9 |
| Proftpd | Proftpd_project | 1.2_pre10 | 1.2_pre10 |
| Proftpd | Proftpd_project | 1.2_pre11 | 1.2_pre11 |