Lucene search
K

125 matches found

Cvelist
Cvelist
added 2025/02/06 12:0 a.m.28 views

CVE-2024-57392

Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remote attacker to execute arbitrary code and can cause a Denial of Service DoS on the FTP service by sending a maliciously crafted message to the ProFTPD service port...

0.01142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/06 12:0 a.m.5 views

CVE-2024-57392

Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remote attacker to execute arbitrary code and can cause a Denial of Service DoS on the FTP service by sending a maliciously crafted message to the ProFTPD service port...

7.9AI score0.01142EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/02/06 12:0 a.m.5 views

CVE-2024-57392

Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remote attacker to execute arbitrary code and can cause a Denial of Service DoS on the FTP service by sending a maliciously crafted message to the ProFTPD service port...

7.5CVSS6.3AI score0.01142EPSS
Exploits0
OSV
OSV
added 2024/11/29 5:15 a.m.2 views

DEBIAN-CVE-2024-48651

In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from modsql...

7.5CVSS5.2AI score0.02204EPSS
Exploits0References1
OSV
OSV
added 2024/11/29 12:0 a.m.12 views

CVE-2024-48651

In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from modsql...

7.5CVSS6.6AI score0.02204EPSS
Exploits0References5
NCSC
NCSC
added 2023/12/29 12:0 a.m.2 views

Vulnerability fixed in ProFTPd

A vulnerability has been fixed in ProFTPd. The vulnerability allows an authenticated remote malicious person to perform a denial-of-service DoS via a specially prepared command to cause a denial-of-service DoS cause. The developers of ProFTP have released updates to fix the vulnerability. For mor...

7.5CVSS8.9AI score0.04249EPSS
Exploits1
OSV
OSV
added 2023/12/22 3:15 a.m.1 views

UBUNTU-CVE-2023-51713

makeftpcmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics...

7.5CVSS7.1AI score0.04249EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2022/11/23 12:0 a.m.4 views

CVE-2021-46854

modradius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters...

7.3AI score0.01129EPSS
Exploits1References5
OSV
OSV
added 2021/09/23 4:49 a.m.4 views

MGASA-2021-0434 Updated proftpd packages fix security vulnerability

Fixes memory disclosure to RADIUS servers by modradius. Ftp clients like filezilla fail to detect locale with in log : "Status: Server does not support non-ASCII characters." This comes from proftpd MultilineRFC2228 directive enabled by default. Without this directive Filezilla is able to enable...

6.9AI score
Exploits0References5
CNVD
CNVD
added 2020/02/21 12:0 a.m.4 views

ProFTPD Buffer Overflow Vulnerability

ProFTPD is a secure cloud printing solution from the ProFTPD team. The solution supports printing from laptops, desktops and mobile devices connected to printers. ProFTPD suffers from a buffer overflow vulnerability. An attacker could exploit this vulnerability to cause a buffer overflow or heap...

7.5CVSS7.3AI score0.0211EPSS
Exploits0References1
Prion
Prion
added 2020/02/20 4:15 p.m.21 views

Out-of-bounds

ProFTPD 1.3.7 has an out-of-bounds OOB read vulnerability in modcap via the captext.c captotext function...

5CVSS7.5AI score0.0211EPSS
Exploits0References5Affected Software4
Positive Technologies
Positive Technologies
added 2020/02/10 12:0 a.m.4 views

PT-2020-5165 · Proftpd +2 · Proftpd +2

Name of the Vulnerable Software and Affected Versions: ProFTPD versions prior to 1.3.5e+r1.3.5-2+deb8u7 ProFTPD versions prior to 1.3.6-alt0.4.ga73dbfe3b ProFTPD versions prior to 1.3.6-4+deb10u4 ProFTPD version 1.3.7 Description: ProFTPD contains a use-after-free vulnerability within the memory...

10CVSS8.2AI score0.74254EPSS
Exploits8References75
BDU FSTEC
BDU FSTEC
added 2019/12/17 12:0 a.m.6 views

The vulnerability of the main.c component of the ProFTPD FTP server lies in the execution of a loop with an unreachable exit condition, allowing a hacker to cause a service failure.

The vulnerability of the main.c component of the ProFTPD FTP server is related to incorrect handling of long commands. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS6.2AI score0.19507EPSS
Exploits1References14Affected Software5
Positive Technologies
Positive Technologies
added 2019/07/17 12:0 a.m.10 views

PT-2019-2795

Name of the Vulnerable Software and Affected Versions ProFTPD versions up to 1.3.5b Description The issue is related to an arbitrary file copy vulnerability in the mod copy module of ProFTPD, allowing for remote code execution and information disclosure without authentication. This can be exploit...

10CVSS7.8AI score0.96803EPSS
Exploits28References83
Cvelist
Cvelist
added 2017/04/04 5:0 p.m.37 views

CVE-2017-7418

ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass th...

5.6AI score0.00419EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2016/04/20 12:0 a.m.17 views

The vulnerability of the ProFTPd FTP server allows a hacker to compromise the integrity, accessibility, and confidentiality of information.

The vulnerability of the modtls module in the ProFTPd FTP server exists due to incorrect processing of the TLSDHParamFile directive. Exploiting this vulnerability allows a malicious actor to compromise the integrity, availability, and confidentiality of information...

10CVSS7.1AI score0.06979EPSS
Exploits0References8Affected Software2
OSV
OSV
added 2013/09/30 9:55 p.m.7 views

CVE-2013-4359

Integer overflow in kbdint.c in modsftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service memory consumption via a large response count value in an authentication request, which triggers a large memory allocation...

6.7AI score
Exploits0References6
OSV
OSV
added 2013/01/24 9:55 p.m.4 views

CVE-2012-6095

ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the 1 MKD or 2 XMKD commands...

6.1AI score
Exploits0References5
OSV
OSV
added 2011/12/06 11:55 a.m.5 views

CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

6.9AI score
Exploits0References5
OpenVAS
OpenVAS
added 2011/05/12 12:0 a.m.38 views

Debian Security Advisory DSA 2185-1 (proftpd-dfsg)

The remote host is missing an update to proftpd-dfsg announced via advisory DSA 2185-1. OpenVAS Vulnerability Test $Id: deb21851.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2185-1 proftpd-dfsg Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft In...

5CVSS0.6AI score0.28068EPSS
Exploits1
Rows per page
Query Builder