Anybody who's installed version 2.3.4 of vsftpd using a tarball from the project's site should shut it down pronto, looks like the site was compromised and the version you've installed has a backdoor.

El Reg spills the beans (http://www.theregister.co.uk/2011/07/05/ftp_backdoor_shenanigans/)

None of the versions available from the Ubuntu repos are this version, so it seems like they should be safe. Someone might want to go over the code and confirm that though.

Oh Spice Weasel wherever you may be
There's a UF thread that needs a troll or three

Anybody who's installed version 2.3.4 of vsftpd using a tarball from the project's site should shut it down pronto, looks like the site was compromised and the version you've installed has a backdoor.

El Reg spills the beans (http://www.theregister.co.uk/2011/07/05/ftp_backdoor_shenanigans/)

None of the versions available from the Ubuntu repos are this version, so it seems like they should be safe. Someone might want to go over the code and confirm that though.

thanks for heads up!

dont worry, i installed VSFTPD from the website and within seconds id been offered a great deal on AntiVirus 2011 Pro at only $90. They even processed the transaction for me before i had to waste time filling in my credit card details :cool:

troll posts removed - leave it that way

which was the project's site?
vsftpd.beasts.org

and this is the new one?
https://security.appspot.com/vsftpd.html

dont worry, i installed VSFTPD from the website and within seconds id been offered a great deal on AntiVirus 2011 Pro at only $90. They even processed the transaction for me before i had to waste time filling in my credit card details :cool:

Better put your card details in anyway, just to make sure you're safe.