Chiwopsezo chachikulu (CVE-2019-12815) chadziwika mu ProFTPd (seva yotchuka ya ftp). Kugwira ntchito kumakupatsani mwayi wokopera mafayilo mkati mwa seva popanda kutsimikiziridwa pogwiritsa ntchito malamulo a "site cpfr" ndi "site cpto", kuphatikizapo ma seva omwe ali ndi mwayi wosadziwika.
Chiwopsezocho chimayamba chifukwa choyang'ana molakwika zoletsa zowerengera ndi kulemba (Limit READ ndi Limit WRITE) mu mod_copy module, yomwe imagwiritsidwa ntchito mwachisawawa ndikuyatsidwa mu phukusi la proftpd pazogawitsa zambiri.
Mitundu yonse yamakono pamagawidwe onse kupatula Fedora imakhudzidwa. Kukonzekera kulipo ngati chigamba. Monga yankho kwakanthawi, tikulimbikitsidwa kuletsa mod_copy.
Source: linux.org.ru