Lucene search
K

1565 matches found

OSV
OSV
added 2006/11/30 3:28 p.m.6 views

CVE-2006-6170

Buffer overflow in the tlsx509nameoneline function in the modtls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815...

7.6AI score
Exploits0References21
OSV
OSV
added 2006/11/30 3:28 p.m.1 views

DEBIAN-CVE-2006-6171

ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an...

7.5CVSS6.9AI score0.0959EPSS
Exploits0References1
OSV
OSV
added 2006/11/30 3:28 p.m.1 views

DEBIAN-CVE-2006-6170

Buffer overflow in the tlsx509nameoneline function in the modtls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815...

7.5CVSS8.4AI score0.17432EPSS
Exploits1References1
CVE
CVE
added 2006/11/30 3:0 p.m.65 views

CVE-2006-6171

ProFTPD 1.3.0a and earlier are affected by three CVEs in the provided docs: CVE-2006-5815 (sreplace function buffer overflow) may cause memory corruption with potential code execution or DoS; CVE-2006-6170 (mod_tls tls_x509_name_oneline overflow) enables remote code execution via a large data len...

7.5CVSS6AI score0.0959EPSS
Exploits0References14Affected Software1
Cvelist
Cvelist
added 2006/11/30 3:0 p.m.24 views

CVE-2006-6170

Buffer overflow in the tlsx509nameoneline function in the modtls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815...

7.5AI score0.17432EPSS
Exploits1References19
Cvelist
Cvelist
added 2006/11/30 3:0 p.m.19 views

CVE-2006-6171

ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an...

6AI score0.0959EPSS
Exploits0References14
CVE
CVE
added 2006/11/30 3:0 p.m.89 views

CVE-2006-6170

ProFTPD 1.3.0a and earlier are affected by buffer overflow vulnerabilities: CVE-2006-6170 (tls_x509_name_oneline in mod_tls) can allow remote code execution via a large data length; CVE-2006-5815 (sreplace) may also enable code execution via a crafted FTP sequence; CVE-2006-6171 relates to comman...

7.5CVSS7.5AI score0.17432EPSS
Exploits1References19Affected Software1
Debian CVE
Debian CVE
added 2006/11/30 3:0 p.m.18 views

CVE-2006-6171

ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an...

7.5CVSS6.2AI score0.0959EPSS
Exploits0
Debian CVE
Debian CVE
added 2006/11/30 3:0 p.m.22 views

CVE-2006-6170

Buffer overflow in the tlsx509nameoneline function in the modtls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815...

7.5CVSS7.6AI score0.17432EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2006/11/30 12:0 a.m.27 views

ProFTPD: Remote execution of arbitrary code

Background ProFTPD is a highly-configurable FTP server. Description Evgeny Legerov discovered a stack-based buffer overflow in the sreplace function in support.c, as well as a buffer overflow in in the modtls module. Additionally, an off-by-two error related to the CommandBufferSize configuration...

10CVSS7.4AI score0.74254EPSS
Exploits5
OSV
OSV
added 2006/11/30 12:0 a.m.22 views

DSA-1222-1 proftpd

Bulletin has no description...

10CVSS9.3AI score0.74254EPSS
Exploits5
seebug.org
seebug.org
added 2006/11/29 12:0 a.m.65 views

ProFTPD mod_tls预认证远程缓冲区溢出漏洞

ProFTPD是一款开放源代码FTP服务程序。 ProFTPD的模块modtls在处理用户认证时存在缓冲溢出漏洞,远程攻击者可能利用此漏洞完全控制服务器。 ProFTPD的modtls模块的tlsx509nameoneline函数中存在远程溢出漏洞,允许远程未经认证的攻击者获得root用户权限。漏洞相关的代码如下: contrib/modtls.c: """ static char tlsx509nameonelineX509NAME x509name static char buf256 = '\0'; / If we are using OpenSSL 0.9.6 or newer,...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/11/29 12:0 a.m.16 views

Exploits [0day] ProFTPD 1.3.0 stack overflow

No description provided by source. vdproftpd.pm - Metasploit module for ProFTPD stack overflow Copyright c 2006 Evgeny Legerov Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/11/28 12:0 a.m.13 views

ProFTPD 1.3.0 (sreplace) Remote Stack Overflow Exploit (meta)

No description provided by source. vdproftpd.pm - Metasploit module for ProFTPD stack overflow Copyright c 2006 Evgeny Legerov Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/11/28 12:0 a.m.41 views

ProFTPD buffer overflow

Off-by-one vulnerability in sreplace is used for remote root access...

4.4AI score
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2006/11/28 12:0 a.m.89 views

CVE-2006-5815: remote code execution in ProFTPD

======= Summary ======= On 6 November 2006, Evgeny Legerov [email protected] posted to BUGTRAQ1, announcing his commercial VulnDisco Pack for Metasploit 2.72. One of the included exploits, vdproftpd.pm, takes advantage of an off-by-one string manipulation flaw in ProFTPD's sreplace function to allow...

10CVSS9.6AI score0.74254EPSS
Exploits4
securityvulns
securityvulns
added 2006/11/28 12:0 a.m.64 views

[Full-disclosure] ProFTPD 1.3.0 remote stack overflow

Hi all, Our ProFTPD advisory is below. Name: ProFTPD remote buffer overflow vulnerability Vendor: http://www.proftpd.org Release date: 27 Nov, 2006 URL: http://www.gleg.net/proftpd.txt CVE: CVE-2006-5815 Author: Evgeny Legerov research at gleg.net I. DESCRIPTION A remotely exploitable stack...

10CVSS9.6AI score0.74254EPSS
Exploits4
0day.today
0day.today
added 2006/11/27 12:0 a.m.33 views

ProFTPD 1.3.0 (sreplace) Remote Stack Overflow Exploit (meta)

Exploit for linux platform in category remote exploits ============================================================= ProFTPD 1.3.0 sreplace Remote Stack Overflow Exploit meta ============================================================= vdproftpd.pm - Metasploit module for ProFTPD stack overflow...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/11/27 12:0 a.m.11 views

ProFTPd 1.3.0 - sreplace Remote Stack Overflow (Metasploit)

ProFTPd 1.3.0 - sreplace Remote Stack Overflow Metasploit vdproftpd.pm - Metasploit module for ProFTPD stack overflow Copyright c 2006 Evgeny Legerov Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/11/27 12:0 a.m.36 views

ProFTPd 1.3.0 - 'sreplace' Remote Stack Overflow (Metasploit)

vdproftpd.pm - Metasploit module for ProFTPD stack overflow Copyright c 2006 Evgeny Legerov Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies...

7.4AI score
Exploits0
Rows per page
Query Builder