Bug 1778781 (CVE-2011-2523)

Summary: CVE-2011-2523 vsftpd: backdoor which opens a shell on port 6200/tcp
Product: [Other] Security Response Reporter: Guilherme de Almeida Suckevicz <gsuckevi>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: jaskalnik, mosvald, msehnout, nagy.martin, olysonek
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-12-02 15:51:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1778782    

Description Guilherme de Almeida Suckevicz 2019-12-02 13:45:41 UTC 
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.

Reference:
https://vigilance.fr/vulnerability/vsftpd-backdoor-in-version-2-3-4-10805
https://packetstormsecurity.com/files/102745/VSFTPD-2.3.4-Backdoor-Command-Execution.html
Comment 1 Tomas Hoger 2019-12-02 15:51:52 UTC 
vsftpd 2.3.4 was not included in any Red Hat Enterprise Linux version.  The backdoor was not found in the vsftpd versions that are shipped with Red Hat Enterprise Linux 5, 6, 7, or 8.