If you are running a Linux server with Plesk control panel, please be aware there was a flaw discovered in the ProFTPD server that potentially allows unauthenticated attackers to compromise your server. The problem is caused by a buffer overflow in the pr_netio_telnet_gets() function for evaluating TELNET IAC sequences. The ProFTPD bug report is available here: http://bugs.proftpd.org/show_bug.cgi?id=3521
A Proftpd update for Plesk has been provided by Atomic Rocket Turtle. To apply the update, execute the commands below:
wget -O – http://www.atomicorp.com/installers/atomic | sh
yum upgrade psa-proftpd
Please review http://www.parallels.com/products/plesk/ProFTPD for updates to this security issue.