Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-4130
HistoryDec 06, 2011 - 11:55 a.m.

CVE-2011-4130

2011-12-0611:55:06
CWE-399
[email protected]
web.nvd.nist.gov
1

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.4%

JSON

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.

Affected configurations

NVD
Node
proftpdproftpdRange≀1.3.3f
OR
proftpdproftpdMatch1.2.0
OR
proftpdproftpdMatch1.2.0pre10
OR
proftpdproftpdMatch1.2.0pre9
OR
proftpdproftpdMatch1.2.0rc1
OR
proftpdproftpdMatch1.2.0rc2
OR
proftpdproftpdMatch1.2.0rc3
OR
proftpdproftpdMatch1.2.1
OR
proftpdproftpdMatch1.2.2
OR
proftpdproftpdMatch1.2.2rc1
OR
proftpdproftpdMatch1.2.2rc2
OR
proftpdproftpdMatch1.2.2rc3
OR
proftpdproftpdMatch1.2.3
OR
proftpdproftpdMatch1.2.4
OR
proftpdproftpdMatch1.2.5
OR
proftpdproftpdMatch1.2.5rc1
OR
proftpdproftpdMatch1.2.5rc2
OR
proftpdproftpdMatch1.2.5rc3
OR
proftpdproftpdMatch1.2.6
OR
proftpdproftpdMatch1.2.6rc1
OR
proftpdproftpdMatch1.2.6rc2
OR
proftpdproftpdMatch1.2.7
OR
proftpdproftpdMatch1.2.7rc1
OR
proftpdproftpdMatch1.2.7rc2
OR
proftpdproftpdMatch1.2.7rc3
OR
proftpdproftpdMatch1.2.8
OR
proftpdproftpdMatch1.2.8rc1
OR
proftpdproftpdMatch1.2.8rc2
OR
proftpdproftpdMatch1.2.9
OR
proftpdproftpdMatch1.2.9rc1
OR
proftpdproftpdMatch1.2.9rc2
OR
proftpdproftpdMatch1.2.9rc3
OR
proftpdproftpdMatch1.2.10
OR
proftpdproftpdMatch1.2.10rc1
OR
proftpdproftpdMatch1.2.10rc2
OR
proftpdproftpdMatch1.2.10rc3
OR
proftpdproftpdMatch1.3.0
OR
proftpdproftpdMatch1.3.0a
OR
proftpdproftpdMatch1.3.0rc1
OR
proftpdproftpdMatch1.3.0rc2
OR
proftpdproftpdMatch1.3.0rc3
OR
proftpdproftpdMatch1.3.0rc4
OR
proftpdproftpdMatch1.3.0rc5
OR
proftpdproftpdMatch1.3.1
OR
proftpdproftpdMatch1.3.1rc1
OR
proftpdproftpdMatch1.3.1rc2
OR
proftpdproftpdMatch1.3.1rc3
OR
proftpdproftpdMatch1.3.2
OR
proftpdproftpdMatch1.3.2rc1
OR
proftpdproftpdMatch1.3.2rc2
OR
proftpdproftpdMatch1.3.2rc3
OR
proftpdproftpdMatch1.3.2rc4
OR
proftpdproftpdMatch1.3.3
OR
proftpdproftpdMatch1.3.3a
OR
proftpdproftpdMatch1.3.3b
OR
proftpdproftpdMatch1.3.3c
OR
proftpdproftpdMatch1.3.3d
OR
proftpdproftpdMatch1.3.3e
OR
proftpdproftpdMatch1.3.3rc1
OR
proftpdproftpdMatch1.3.3rc2
OR
proftpdproftpdMatch1.3.3rc3
OR
proftpdproftpdMatch1.3.3rc4

Related

nessus 10
openvas 18
slackware 1
ubuntucve 1
seebug 2
securityvulns 2
fedora 4
prion 1
cvelist 1
debiancve 1
cve 1
debian 1
osv 2
gentoo 1
nessus
nessus
Oracle Solaris Third-Party Patch Update : proftpd (cve_2011_4130_use_after)
2015-01-19 00:00:00
Mandriva Linux Security Advisory : proftpd (MDVSA-2011:181)
2011-12-08 00:00:00
openSUSE Security Update : proftpd (openSUSE-2011-19)
2014-06-13 00:00:00
openvas
openvas
Fedora Update for proftpd FEDORA-2011-15765
2012-04-02 00:00:00
Fedora Update for proftpd FEDORA-2011-15740
2011-11-21 00:00:00
Slackware: Security Advisory (SSA:2012-041-04)
2012-09-10 00:00:00
slackware
slackware
[slackware-security] proftpd
2012-02-10 17:44:44
ubuntucve
ubuntucve
CVE-2011-4130
2011-12-06 00:00:00
seebug
seebug
ProFTPD Prior To 1.3.3g Use-After-Free θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2011-12-02 00:00:00
ProFTPDε“εΊ”ζ± ι‡Šζ”ΎεŽι‡η”¨δ»£η ζ‰§θ‘ŒζΌζ΄ž
2011-12-07 00:00:00
securityvulns
securityvulns
ProFTPD memory corruption
2011-11-21 00:00:00
[SECURITY] [DSA 2346-1] proftpd-dfsg security update
2011-11-21 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: proftpd-1.3.4-1.fc16
2011-11-19 05:59:54
[SECURITY] Fedora 15 Update: proftpd-1.3.4-1.fc15
2011-11-19 06:08:44
[SECURITY] Fedora 16 Update: proftpd-1.3.4b-5.fc16
2013-01-30 00:31:45
prion
prion
Design/Logic Flaw
2011-12-06 11:55:00
cvelist
cvelist
CVE-2011-4130
2011-12-06 11:00:00
debiancve
debiancve
CVE-2011-4130
2011-12-06 11:55:06
cve
cve
CVE-2011-4130
2011-12-06 11:55:06
debian
debian
[SECURITY] [DSA 2346-1] proftpd-dfsg security update
2011-11-15 20:39:09
osv
osv
proftpd-dfsg - several
2011-11-16 00:00:00
proftpd-dfsg - several
2011-11-16 00:00:00
gentoo
gentoo
ProFTPD: Multiple vulnerabilities
2013-09-24 00:00:00

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.4%

JSON
Related for NVD:CVE-2011-4130
nessus10openvas18slackware1ubuntucve1seebug2securityvulns2fedora4prion1cvelist1debiancve1cve1debian1osv2gentoo1