Lucene search
K

1565 matches found

Positive Technologies
Positive Technologies
added 2006/11/08 12:0 a.m.2 views

PT-2006-1003 · Proftpd · Proftpd

Name of the Vulnerable Software and Affected Versions: ProFTPD version 1.3.0 and earlier Description: The issue is related to a stack-based buffer overflow in the sreplace function, which can be exploited by remote attackers to cause a denial of service and potentially execute arbitrary code. Thi...

10CVSS6.6AI score0.74254EPSS
Exploits8References47
seebug.org
seebug.org
added 2006/10/27 12:0 a.m.20 views

ProFTPd Local pr_ctrls_connect Vuln - ftpdctl

No description provided by source. / This is simple local exploit Proof of Concept? for local bug in ProFTPd not in default options must be configured with option --enable-ctrls. Bug exist in function prctrlsconnect in file \"src/ctrls.c\", look: \"src/ctrls.c\" int prctrlsconnectconst char...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/24 12:0 a.m.18 views

ProFTPD 1.2.9RC1 (mod_sql) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl ProFTPD 1.2.9 rc1 modsql SQL Injection remote Exploit Spaine - 2003 use IO::Socket; if@ARGC2 print "\nProof Of Concept Sql Inject on ProFTPD\n"; print "Usage: perl poc-sqlftp target 1=Alternate query\n\n"; exit0; ; $server = $ARGV0; $query = $ARGV...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.21 views

FreeBSD : proftpd -- format string vulnerabilities (c28f4705-043f-11da-bc08-0001020eed82)

The ProFTPD release notes states : sean found two format string vulnerabilities, one in modsql's SQLShowInfo directive, and one involving the 'ftpshut' utility. Both can be considered low risk, as they require active involvement on the part of the site administrator in order to be exploited. Thes...

6.4CVSS5.5AI score0.09198EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2005/12/31 5:0 a.m.18 views

CVE-2005-4816

Buffer overflow in modradius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long password...

7.5CVSS6AI score0.12583EPSS
Exploits0References1
NVD
NVD
added 2005/12/31 5:0 a.m.16 views

CVE-2005-4816

Buffer overflow in modradius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long password...

7.5CVSS7.8AI score0.12583EPSS
Exploits0References5
OSV
OSV
added 2005/12/31 5:0 a.m.5 views

CVE-2005-4816

Buffer overflow in modradius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long password...

7.8AI score
Exploits0References5
OSV
OSV
added 2005/12/31 5:0 a.m.0 views

DEBIAN-CVE-2005-4816

Buffer overflow in modradius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long password...

7.5CVSS8.1AI score0.12583EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.42 views

ProFTPD < 1.2.11 User Enumeration Vulnerability

ProFTPD is prone to a user enumeration vulnerability. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:proftpd:proftpd"; Ref: LS...

5CVSS6.9AI score0.30679EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2005/10/05 12:0 a.m.24 views

Mandrake Linux Security Advisory : proftpd (MDKSA-2005:140)

Two format string vulnerabilities were discovered in ProFTPD. The first exists when displaying a shutdown message containin the name of the current directory. This could be exploited by a user who creates a directory containing format specifiers and sets the directory as the current directory whe...

6.4CVSS5.5AI score0.09198EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/09/06 12:0 a.m.25 views

Debian DSA-795-2 : proftpd - potential code execution

infamous42md reported that proftpd suffers from two format string vulnerabilities. In the first, a user with the ability to create a directory could trigger the format string error if there is a proftpd shutdown message configured to use the '%C', '%R', or '%U' variables. In the second, the error...

6.4CVSS5.4AI score0.09198EPSS
Exploits0References2
Debian
Debian
added 2005/09/03 1:28 a.m.24 views

[SECURITY] [DSA 795-2] Updated i386 proftpd packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 795-2 [email protected] http://www.debian.org/security/ Michael Stone September 2, 2005 http://www.debian.org/security/faq -...

6.4CVSS6.3AI score0.09198EPSS
Exploits0
Debian
Debian
added 2005/09/03 1:28 a.m.26 views

[SECURITY] [DSA 795-2] Updated i386 proftpd packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 795-2 [email protected] http://www.debian.org/security/ Michael Stone September 2, 2005 http://www.debian.org/security/faq -...

6.4CVSS6.3AI score0.09198EPSS
Exploits0
Debian
Debian
added 2005/09/02 1:50 a.m.23 views

[SECURITY] [DSA 795-1] New proftpd packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 795-1 [email protected] http://www.debian.org/security/ Michael Stone September 1st, 2005 http://www.debian.org/security/faq -...

6.4CVSS6.2AI score0.09198EPSS
Exploits0
Debian
Debian
added 2005/09/02 1:50 a.m.23 views

[SECURITY] [DSA 795-1] New proftpd packages fix format string vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 795-1 [email protected] http://www.debian.org/security/ Michael Stone September 1st, 2005 http://www.debian.org/security/faq -...

6.4CVSS0.09198EPSS
Exploits0
OSV
OSV
added 2005/09/01 12:0 a.m.19 views

DSA-795-2 proftpd - format string error

Bulletin has no description...

6.4CVSS6.3AI score0.09198EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/08/02 12:0 a.m.20 views

GLSA-200508-02 : ProFTPD: Format string vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200508-02 ProFTPD: Format string vulnerabilities 'infamous42md' reported that ProFTPD is vulnerable to format string vulnerabilities when displaying a shutdown message containing the name of the current directory, and when...

6.4CVSS6.1AI score0.09198EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2005/08/01 12:0 a.m.18 views

ProFTPD: Format string vulnerabilities

Background ProFTPD is a configurable GPL-licensed FTP server software. Description "infamous42md" reported that ProFTPD is vulnerable to format string vulnerabilities when displaying a shutdown message containing the name of the current directory, and when displaying response messages to the clie...

6.4CVSS6.9AI score0.09198EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2005/07/27 4:0 a.m.23 views

CVE-2005-2390

Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via 1 certain inputs to the shutdown message from ftpshut, or 2 the SQLShowInfo modsql directive...

6.4CVSS5.9AI score0.09198EPSS
Exploits0References1
NVD
NVD
added 2005/07/27 4:0 a.m.12 views

CVE-2005-2390

Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via 1 certain inputs to the shutdown message from ftpshut, or 2 the SQLShowInfo modsql directive...

6.4CVSS6.5AI score0.09198EPSS
Exploits0References6
Rows per page
Query Builder