ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Proftpd | Proftpd_project | 1.2 (including) | 1.2 (including) |
| Proftpd | Proftpd_project | 1.2.0_rc3 (including) | 1.2.0_rc3 (including) |
| Proftpd | Proftpd_project | 1.2.1 (including) | 1.2.1 (including) |
| Proftpd | Proftpd_project | 1.2.2 (including) | 1.2.2 (including) |
| Proftpd | Proftpd_project | 1.2.2_rc1 (including) | 1.2.2_rc1 (including) |
| Proftpd | Proftpd_project | 1.2.2_rc2 (including) | 1.2.2_rc2 (including) |
| Proftpd | Proftpd_project | 1.2_pre1 (including) | 1.2_pre1 (including) |
| Proftpd | Proftpd_project | 1.2_pre2 (including) | 1.2_pre2 (including) |
| Proftpd | Proftpd_project | 1.2_pre3 (including) | 1.2_pre3 (including) |
| Proftpd | Proftpd_project | 1.2_pre4 (including) | 1.2_pre4 (including) |
| Proftpd | Proftpd_project | 1.2_pre5 (including) | 1.2_pre5 (including) |
| Proftpd | Proftpd_project | 1.2_pre6 (including) | 1.2_pre6 (including) |
| Proftpd | Proftpd_project | 1.2_pre7 (including) | 1.2_pre7 (including) |
| Proftpd | Proftpd_project | 1.2_pre8 (including) | 1.2_pre8 (including) |
| Proftpd | Proftpd_project | 1.2_pre9 (including) | 1.2_pre9 (including) |
| Proftpd | Proftpd_project | 1.2_pre10 (including) | 1.2_pre10 (including) |
| Proftpd | Proftpd_project | 1.2_pre11 (including) | 1.2_pre11 (including) |