First published: Mon Sep 18 2023
Last modified: Mon Sep 18 2023
It was discovered that vsftpd was vulnerable to the ALPACA TLS protocol content confusion attack. A remote attacker could possibly use this issue to redirect traffic from one subdomain to another.
The vulnerability ID for this vsftpd vulnerability is USN-6379-1.
The title of this vulnerability is 'USN-6379-1: vsftpd vulnerability'.
This vulnerability in vsftpd is related to the ALPACA TLS protocol content confusion attack, which can allow a remote attacker to redirect traffic from one subdomain to another.
The vsftpd package with a version up to and excluding 3.0.5-0ubuntu0.20.04.1 is affected on Ubuntu Ubuntu 20.04.
To fix this vulnerability, you should update the vsftpd package to version 3.0.5-0ubuntu0.20.04.1 or higher.