Lucene search
K

125 matches found

OSV
OSV
added 2011/02/02 1:0 a.m.9 views

CVE-2010-4652

Heap-based buffer overflow in the sqlpreparewhere function contrib/modsql.c in ProFTPD before 1.3.3d, when modsql is enabled, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly...

8.2AI score
Exploits0References13
OSV
OSV
added 2010/11/09 9:0 p.m.10 views

CVE-2010-4221

Multiple stack-based buffer overflows in the prnetiotelnetgets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a 1 FTP or 2 FTPS server...

7.5AI score
Exploits0References13
OSV
OSV
added 2010/11/09 9:0 p.m.1 views

DEBIAN-CVE-2010-4221

Multiple stack-based buffer overflows in the prnetiotelnetgets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a 1 FTP or 2 FTPS server...

10CVSS8.1AI score0.91303EPSS
Exploits10References1
OSV
OSV
added 2009/10/28 2:30 p.m.9 views

CVE-2009-3639

The modtls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, which allows remote attackers to bypass intended...

5.7AI score
Exploits0References12
FreeBSD
FreeBSD
added 2008/09/22 12:0 a.m.60 views

proftpd -- Long Command Processing Vulnerability

Secunia reports: The vulnerability is caused due to the application truncating an overly long FTP command, and improperly interpreting the remainder string as a new FTP command. This can be exploited to execute arbitrary FTP commands with the privileges of another user by e.g. tricking the user...

6.6AI score
Exploits0References2
OSV
OSV
added 2006/12/15 11:28 a.m.1 views

DEBIAN-CVE-2006-6563

Stack-based buffer overflow in the prctrlsrecvrequest function in ctrls.c in the modctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value...

6.6CVSS7.6AI score0.02298EPSS
Exploits1References1
OSV
OSV
added 2006/11/30 3:28 p.m.7 views

CVE-2006-6171

ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an...

6.1AI score
Exploits0References14
Positive Technologies
Positive Technologies
added 2006/11/08 12:0 a.m.3 views

PT-2006-1003 · Proftpd · Proftpd

Name of the Vulnerable Software and Affected Versions: ProFTPD version 1.3.0 and earlier Description: The issue is related to a stack-based buffer overflow in the sreplace function, which can be exploited by remote attackers to cause a denial of service and potentially execute arbitrary code. Thi...

10CVSS6.6AI score0.74254EPSS
Exploits8References47
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.19 views

CVE-2004-1602

ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response...

6.6AI score0.30679EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2004/11/06 12:0 a.m.18 views

ProFTPD < 1.2.11 Remote User Enumeration

Binary data 2393.prm...

5CVSS7.3AI score0.30679EPSS
Exploits1References1
seebug.org
seebug.org
added 2004/10/17 12:0 a.m.24 views

ProFTPD &lt;= 1.2.10 Remote Users Enumeration Exploit

No description provided by source. / Details Vulnerable Systems: ProFTPD Version 1.2.10 and below It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at...

7.1AI score
Exploits0
0day.today
0day.today
added 2004/10/17 12:0 a.m.52 views

ProFTPD <= 1.2.10 Remote Users Enumeration Exploit

Exploit for linux platform in category remote exploits ================================================== ProFTPD include include include include define PORT 21 define PROBE 8 main int argc, char argv int sock,n,y; long dist,stat=0; struct sockaddrin sin; char buf1024, buf21024; struct timeval t...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/10/17 12:0 a.m.258 views

ProFTPd 1.2.10 - Remote Users Enumeration

/ Details Vulnerable Systems: ProFTPD Version 1.2.10 and below It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at the ProFTPd login procedure. There ...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/17 12:0 a.m.81 views

ProFTPD Login Timing Account Name Enumeration

The remote ProFTPd server is as old or older than 1.2.10 It is possible to determine which user names are valid on the remote host based on timing analysis attack of the login procedure. An attacker may use this flaw to set up a list of valid usernames for a more efficient brute-force attack...

5CVSS5.6AI score0.30679EPSS
Exploits1
NVD
NVD
added 2004/10/15 4:0 a.m.10 views

CVE-2004-1602

ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response...

5CVSS6.7AI score0.30679EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.24 views

Debian DSA-029-2 : proftpd - remote DOS & potential buffer overflow

The following problems have been reported for the version of proftpd in Debian 2.2 potato : - There is a memory leak in the SIZE command which can result in a denial of service, as reported by Wojciech Purczynski. This is only a problem if proftpd cannot write to its scoreboard file; the default...

7.5CVSS5.6AI score0.44936EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.31 views

GLSA-200405-09 : ProFTPD Access Control List bypass vulnerability

The remote host is affected by the vulnerability described in GLSA-200405-09 ProFTPD Access Control List bypass vulnerability ProFTPD 1.2.9 introduced a vulnerability that allows CIDR-based ACLs such as 10.0.0.1/24 to be bypassed. The CIDR ACLs are disregarded, with the net effect being similar t...

7.5CVSS5.6AI score0.09197EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.16 views

ProFTPd < 1.2.0pre6 mkdir Command Overflow

Binary data 1843.prm...

10CVSS7.3AI score0.38054EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.16 views

ProFTPd ASCII Newline Character Overflow

Binary data 1844.prm...

9CVSS7.3AI score0.55119EPSS
Exploits0References1
0day.today
0day.today
added 2004/08/13 12:0 a.m.25 views

ProFTPd Local pr_ctrls_connect Vuln - ftpdctl

Exploit for linux platform in category local exploits ============================================= ProFTPd Local prctrlsconnect Vuln - ftpdctl ============================================= / This is simple local exploit Proof of Concept? for local bug in ProFTPd not in default options must be...

6.8AI score
Exploits0
Rows per page
Query Builder