1565 matches found
ProFTPD CommandBufferSize远程拒绝服务漏洞
ProFTPD是一款开放源代码FTP服务程序。 ProFTPD在处理用户请求时存在漏洞,如果启用了CommandBufferSize选项的话,则ProFTPD的main.c文件中cmdloop函数就可能没有正确验证FTP命令的缓冲区大小限制,导致拒绝服务。 ProFTPD Project ProFTPD 1.3 Debian ------ Debian已经为此发布了一个安全公告(DSA-1218-1)以及相应补丁: DSA-1218-1:New proftpd packages fix denial of service...
Debian DSA-1218-1 : proftpd - programming error
It was discovered that the proftpd FTP daemon performs insufficient validation of FTP command buffer size limits, which may lead to denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...
[SECURITY] [DSA 1218-1] New proftpd packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1218-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 21st, 2006 http://www.debian.org/security/faq -...
DSA-1218 proftpd
Bulletin has no description...
DSA-1218-1 proftpd
Bulletin has no description...
FreeBSD : proftpd -- Remote Code Execution Vulnerability (cca97f5f-7435-11db-91de-0008743bf21a)
FrSIRT reports : A vulnerability has been identified in ProFTPD, which could be exploited by attackers to cause a denial of service or execute arbitrary commands. This flaw is due to a buffer overflow error in the 'main.c' file where the 'cmdbufsize' size of the buffer used to handle FTP commands...
[OpenPKG-SA-2006.035] OpenPKG Security Advisory (proftpd)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory OpenPKG GmbH http://openpkg.org/security/ http://openpkg.com OpenPKG-SA-2006.035 2006-11-16 Package: proftpd Vulnerability: denial of service OpenPKG Specific: no Affected Series: Affected Packages: Corrected Packages:...
Security fix for the ALT Linux 8 package proftpd version 1.3.0rel-alt1.3
Nov. 14, 2006 Konstantin Lepikhov 1.3.0rel-alt1.3 - fix null reference in CVE-2006-5815 patch made by upstream...
Security fix for the ALT Linux 8 package proftpd version 1.3.0rel-alt1.2
Nov. 13, 2006 Konstantin Lepikhov 1.3.0rel-alt1.2 - Security fix for CVE-2006-5815 "CommandBufferSize" Directive Remote Code Execution Vulnerability...
[SA22803] ProFTPD Unspecified Vulnerability
TITLE: ProFTPD Unspecified Vulnerability SECUNIA ADVISORY ID: SA22803 VERIFY ADVISORY: http://secunia.com/advisories/22803/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: ProFTPD 1.3.x http://secunia.com/product/5430/ DESCRIPTION: Evgeny Legerov has reported a...
proftpd -- remote code execution vulnerabilities
The proftpd development team reports that several remote buffer overflows had been found in the proftpd server...
proftpd -- Remote Code Execution Vulnerability
FrSIRT reports: A vulnerability has been identified in ProFTPD, which could be exploited by attackers to cause a denial of service or execute arbitrary commands. This flaw is due to a buffer overflow error in the "main.c" file where the "cmdbufsize" size of the buffer used to handle FTP commands...
CVE-2006-5815
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vdproftpd.pm, a "ProFTPD remote exploit."...
CVE-2006-5815
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vdproftpd.pm, a "ProFTPD remote exploit."...
CVE-2006-5815
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vdproftpd.pm, a "ProFTPD remote exploit."...
DEBIAN-CVE-2006-5815
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vdproftpd.pm, a "ProFTPD remote exploit."...
CVE-2006-5815
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vdproftpd.pm, a "ProFTPD remote exploit."...
CVE-2006-5815
ProFTPD 1.3.0 and earlier is affected by a stack-based buffer overflow in the sreplace function, enabling remote exploitation (likely by authenticated users) to cause denial of service and potentially execute arbitrary code. Public evidence includes exploit modules (Metasploit) for ProFTPD 1.2–1....
CVE-2006-5815
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vdproftpd.pm, a "ProFTPD remote exploit."...
PT-2006-1005 · Proftpd +1 · Proftpd +1
Name of the Vulnerable Software and Affected Versions: ProFTPD versions 1.3.0a and earlier Description: The issue is related to the improper setting of the buffer size limit when CommandBufferSize is specified in the configuration file, potentially leading to an off-by-two buffer underflow...