Lucene search
K

125 matches found

Exploit DB
Exploit DB
added 2002/12/09 12:0 a.m.17 views

ProFTPd 1.2.x - 'STAT' Denial of Service

source: https://www.securityfocus.com/bid/6341/info A denial of service vulnerability has been reported for ProFTPD. It is possible to cause ProFTPD from responding to legitimate requests for service by issuing specially crafted STAT commands. This will result in a denial of service condition...

7AI score
Exploits0
NVD
NVD
added 2001/12/31 5:0 a.m.17 views

CVE-2001-1500

ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged...

7.5CVSS6.9AI score0.12449EPSS
Exploits0References5
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.20 views

CVE-1999-1475

ProFTPd 1.2 compiled with the modsqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command...

6.4AI score0.04472EPSS
Exploits0References2
NVD
NVD
added 2001/06/02 4:0 a.m.23 views

CVE-2001-0318

Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory cwd...

7.5CVSS7.3AI score0.11438EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2001/03/16 12:0 a.m.18 views

ProFTPD STAT Command Remote DoS

The remote FTP server is affected by a denial of service vulnerability that is triggered when it receives a specially crafted STAT command. A remote attacker can exploit this to cause the consumption of all available memory. C Tenable Network Security, Inc. Script audit and contributions from...

5.6AI score
Exploits0References1
Debian
Debian
added 2001/03/08 11:57 p.m.18 views

[SECURITY] [DSA-032-2] proftp runs as root, /var symlink removal

Package: proftpd Vulnerability: proftpd running as root, /var symlink removal Debian-specific: yes This is an update to the DSA-032-1 advisory. The powerpc package that was listed in that advisory was unfortunately compiled on the wrong system which caused it to not work on a Debian GNU/Linux 2.2...

5.9AI score
Exploits0
Debian
Debian
added 2001/03/07 1:34 a.m.23 views

[SECURITY] [DSA-032-1] proftp runs as root, /var symlink removal

Package: proftpd Vulnerability: proftpd running as root, /var symlink removal Debian-specific: yes The following problems have been reported for the version of proftpd in Debian 2.2 potato: 1. There is a configuration error in the postinst script, when the user enters yes, when asked if anonymous...

5.9AI score
Exploits0
NVD
NVD
added 2001/02/12 5:0 a.m.15 views

CVE-2001-0027

modsqlpw module in ProFTPD does not reset a cached password when a user uses the "user" command to change accounts, which allows authenticated attackers to gain privileges of other users...

7.5CVSS6.9AI score0.06492EPSS
Exploits1References2
exploitpack
exploitpack
added 2001/01/12 12:0 a.m.21 views

ProFTPd 1.2.0 pre10 - Remote Denial of Service

ProFTPd 1.2.0 pre10 - Remote Denial of Service / ProFTPd DoS version 1.1 Remote DoS in proFTPd Code by: JeT-Li -The Wushu Master- [email protected] Recently I posted a remote DoS for ProFTPd based in the multiple use of the SIZE command in order to crash the system. Now and thanks to the...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2001/01/12 12:0 a.m.73 views

ProFTPd 1.2.0 pre10 - Remote Denial of Service

/ ProFTPd DoS version 1.1 Remote DoS in proFTPd Code by: JeT-Li -The Wushu Master- [email protected] Recently I posted a remote DoS for ProFTPd based in the multiple use of the SIZE command in order to crash the system. Now and thanks to the information provided by Wojciech Purczynski I have cod...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/01/03 12:0 a.m.12 views

ProFTPd 1.2.0 rc2 - Memory Leakage

ProFTPd 1.2.0 rc2 - Memory Leakage / | Proftpd DoS | by Piotr Zurawski [email protected] | This source is just an example of memory leakage in proftpd-1.2.0rc2 | server discovered by Wojciech Purczynski. | / include include include include include include include include include include include...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2000/12/20 12:0 a.m.32 views

ProFTPd 1.2 - 'SIZE' Remote Denial of Service

source: https://www.securityfocus.com/bid/2185/info A memory leak has been reported in all versions of ProFTPd. The SIZE FTP command causes the server to misallocate and leak small amounts of memory each time the command is executed. If a sufficient number of these commands are executed by the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/12/20 12:0 a.m.26 views

Memory leakage in proftpd leads to remote DoS

Hello, Proftpd has memory leakage bug if it executes SIZE FTP command. Using 5000 SIZE commands causes proftpd to consume over 300kB of memory. Exploiting this bug with more SIZE commands gives us simple DoS attack. Anonymous access is sufficient to use SIZE commands and to exploit this bug. I've...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2000/12/20 12:0 a.m.28 views

ProFTPd 1.2 - SIZE Remote Denial of Service

ProFTPd 1.2 - SIZE Remote Denial of Service source: https://www.securityfocus.com/bid/2185/info A memory leak has been reported in all versions of ProFTPd. The SIZE FTP command causes the server to misallocate and leak small amounts of memory each time the command is executed. If a sufficient...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2000/12/13 12:0 a.m.21 views

Дырка в ProFTPD (mod_sqlpw Password Caching)

Авторизованный пользоватлеь может переключиться в другого не зхная пароля...

0.7AI score
Exploits0References1
FreeBSD Advisory
FreeBSD Advisory
added 2000/08/14 12:0 a.m.5 views

FreeBSD-SA-00:35.proftpd

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:35 Security Advisory FreeBSD, Inc. Topic: proftpd port contains remote root compromise Category: ports Module: proftpd Announced: 2000-08-14 Credits: lamagra Affects:...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2000/07/06 12:0 a.m.23 views

proftp advisory

http://lamagra.seKure.de: advisory 1 Advisory: misc. bugs Programname: proftpd Versions: 1.2.0 = pre10 Vendor: proftpd.net Severity: high root shell and low Contact: [email protected] Bug1: void setproctitlechar fmt,... in src/main.c snippet memsetstatbuf, 0, sizeofstatbuf; vsnprintfstatbuf,...

7.7AI score
Exploits0
NVD
NVD
added 1999/11/19 5:0 a.m.15 views

CVE-1999-1475

ProFTPd 1.2 compiled with the modsqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command...

4.6CVSS6.4AI score0.04472EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 1999/09/21 12:0 a.m.28 views

ProFTPD NLST Command Argument Handling Remote Overflow

It was possible to crash the remote FTP server by issuing a specially crafted command, such as 'NLST aaaXXXX%u%...%u%u%u%%u%653300u%n' where 'XXXX' is replaced with four characters - ASCII values 0xDC, 0x4F, 0x07 and 0x08. This issue is known to affect ProFTPD version 1.2.0pre6, although other FT...

10CVSS5.8AI score0.38054EPSS
Exploits0References4
exploitpack
exploitpack
added 1999/09/17 12:0 a.m.21 views

ProFTPd 1.2 pre6 - snprintf Remote Root

ProFTPd 1.2 pre6 - snprintf Remote Root source: https://www.securityfocus.com/bid/650/info Lack of user input validation in ProFTPD can lead to a remote root vulnerability. On systems that support it ProFTPD will attempt to modify the name of the program being executed argv0 to display the comman...

0.4AI score
Exploits0
Rows per page
Query Builder