# Vsftpd

> Mediated Wiki article. Canonical URL: https://mediated.wiki/source/Vsftpd
> Markdown URL: https://mediated.wiki/source/Vsftpd.md
> Source: https://en.wikipedia.org/wiki/Vsftpd
> Source revision: 1353553565
> License: Creative Commons Attribution-ShareAlike 4.0 International (https://creativecommons.org/licenses/by-sa/4.0/)

{{short description|Free and open-source FTP server software for UNIX-like systems}}
{{Lowercase title}}
{{Infobox software
|name = vsftpd
|logo =
|caption =
|developer = Chris Evans
|latest_release_version = 3.0.5
|latest_release_date = {{release date|2021|08|02}}
|operating_system = [Unix-like](/source/Unix-like) systems
|genre = FTP daemon
|license = [GPL](/source/GNU_General_Public_License)
|website = {{URL|https://security.appspot.com/vsftpd.html}}
}}
'''vsftpd''' (or '''very secure FTP daemon''')<ref>{{cite web |url=https://linux.die.net/man/8/vsftpd|title=vsftpd(8) - Linux man page}}</ref> is an [FTP](/source/File_Transfer_Protocol) server for [Unix-like](/source/Unix-like) systems, including [Linux](/source/Linux). It is the default FTP server in the [Ubuntu](/source/Ubuntu_(operating_system)), [CentOS](/source/CentOS), [Fedora](/source/Fedora_(operating_system)), [NimbleX](/source/NimbleX), [Slackware](/source/Slackware) and [RHEL](/source/RHEL) [Linux](/source/Linux) distributions. It is licensed under the [GNU General Public License](/source/GNU_General_Public_License). It supports [IPv6](/source/IPv6), [TLS](/source/Transport_Layer_Security) and [FTPS](/source/FTPS) (explicit since 2.0.0 and implicit since 2.1.0).

== Compromised website ==
In July 2011, it was discovered that vsftpd version 2.3.4 downloadable from the master site had been compromised.<ref>[http://www.securityfocus.com/bid/48539/discuss vsftpd Compromised Source Packages Backdoor Vulnerability] {{Webarchive|url=https://web.archive.org/web/20210127075340/https://www.securityfocus.com/bid/48539/discuss |date=2021-01-27 }} at [SecurityFocus](/source/SecurityFocus)</ref><ref name=sbs1>{{cite web |url=https://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html |title=Alert: vsftpd download backdoored |last1=Evans |first1=Chris |date=2011-06-03 |access-date=July 7, 2011}}</ref> Users logging into a compromised vsftpd-2.3.4 server may issue a ":)" smileyface as the username and gain a command shell on port 6200.<ref name=sbs1 /> This was not an issue of a security hole in the original version of vsftpd; instead, an unknown attacker had uploaded a different version of vsftpd which contained a [backdoor](/source/backdoor_(computing)). Since then, the site was moved to [Google App Engine](/source/Google_App_Engine).

== See also ==
{{Portal|Free and open-source software}}
* [Pure-FTPd](/source/Pure-FTPd)

== References ==
{{reflist}}

== External links ==
* [https://help.ubuntu.com/community/vsftpd Guide to setting up vsftpd] including TLS/SSL encryption
{{Free-software-stub}}
Category:FTP server software
Category:Free server software
Category:Free file transfer software
Category:FTP server software for Linux
Category:Unix Internet software
Category:Free software programmed in C
Category:Software using the GNU General Public License

---
Adapted from the Wikipedia article [Vsftpd](https://en.wikipedia.org/wiki/Vsftpd) by Wikipedia contributors ([contributor history](https://en.wikipedia.org/wiki/Vsftpd?action=history)). Available under [Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/). Changes may have been made.
