One of my hosts is claiming that their ProFTPD install was hacked last night, and that the ProFTPD website itself was distributing a compromised version:
Quote: ...we discovered that the date of the exploit script used was newer than the most recent version of ProFTPD, and not only that, but also that the ProFTPD distribution server itself had also recently been compromised and has been distributing infected versions...
I'm not directly affected as I've got the FTP daemon disabled on everything, and I guess that most here will be using ssh instead of FTP as well. But if not, you should probably check and shut off FTP if you are running ProFTPD until the facts are clearer.
Yeah, I saw that - but the host is claiming that the exploit is "newer than the most recent version of ProFTPD", so even the uncompromised code isn't safe according to them. They've re-established FTP on their servers, but I don't know if they've patched ProFTPD themselves or if they've switched to a different FTP daemon (I don't have FTP available on my server).