1564 matches found

Tenable Nessus
added 2004/07/31 12:0 a.m. | 25 views

Mandrake Linux Security Advisory : proftpd (MDKSA-2002:005)

Matthew S. Hallacy discovered that ProFTPD was not forward resolving reverse-resolved hostnames. A remote attacker could exploit this to bypass ProFTPD access controls or have false information logged. Frank Denis discovered that a remote attacker could send malicious commands to the ProFTPD serv...

CVSS 7.5 | AI score 5.6 | EPSS 0.38414
Exploits: 1 | References: 5

Tenable Nessus
added 2004/07/31 12:0 a.m. | 28 views

Mandrake Linux Security Advisory : proftpd (MDKSA-2003:095-1)

A vulnerability was discovered by X-Force Research at ISS in ProFTPD's handling of ASCII translation. An attacker, by downloading a carefully crafted file, can remotely exploit this bug to create a root shell. The ProFTPD team encourages all users to upgrade to version 1.2.7 or higher. The...

CVSS 9 | AI score 5.4 | EPSS 0.55119
Exploits: 0 | References: 3

Tenable Nessus
added 2004/07/06 12:0 a.m. | 25 views

FreeBSD : proftpd IP address access control list breakage (155)

The following package needs to be updated: proftpd %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgcb6c6c299c4f11d893660020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

AI score 6.5 | EPSS 0.09197
Exploits: 0 | References: 21

Tenable Nessus
added 2004/07/06 12:0 a.m. | 45 views

FreeBSD : ProFTPD ASCII translation bug resulting in remote root compromise (156)

The following package needs to be updated: proftpd %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgcf0fb4263f9611d8b0960020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

AI score 6.4 | EPSS 0.55119
Exploits: 0 | References: 21

Gentoo Linux
added 2004/05/19 12:0 a.m. | 77 views

ProFTPD Access Control List bypass vulnerability

Background: ProFTPD is an FTP daemon. Description: ProFTPD 1.2.9 introduced a vulnerability that allows CIDR-based ACLs such as 10.0.0.1/24 to be bypassed. The CIDR ACLs are disregarded, with the net effect being similar to an "AllowAll" directive. Impact: This vulnerability may allow unauthorized...

CVSS 7.5 | AI score 6.5 | EPSS 0.09197
Exploits: 0

Cvelist
added 2004/05/05 4:0 a.m. | 30 views

CVE-2004-0432

ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions...

AI score 6.4 | EPSS 0.09197
Exploits: 0 | References: 7

CVE
added 2004/05/05 4:0 a.m. | 62 views

CVE-2004-0432

ProFTPD 1.2.9 contains a logic issue where CIDR-based ACL directives in Allow and Deny are treated as if they were AllowAll, effectively bypassing access restrictions. This vulnerability allows FTP clients to bypass intended controls and potentially access or modify files that should be restricte...

CVSS 7.5 | AI score 6.4 | EPSS 0.09197
Exploits: 0 | References: 7 | Affected Software: 1

Cvelist
added 2004/03/18 5:0 a.m. | 16 views

CVE-2004-0346

Off-by-one buffer overflow in _xlate_ascii_write in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command...

AI score 7.9 | EPSS 0.05736
Exploits: 1 | References: 3

CVE
added 2004/03/18 5:0 a.m. | 47 views

CVE-2004-0346

CVE-2004-0346 affects ProFTPD 1.2.7–1.2.9rc2, caused by an off-by-one buffer overflow in _xlate_ascii_write() triggered by a crafted RETR command (1023+ bytes). According to the CVE record, this enables local users to gain privileges; PT-2004-1500 also documents a remote-triggered scenario via RE...

CVSS 7.8 | AI score 7.4 | EPSS 0.05736
Exploits: 1 | References: 3 | Affected Software: 1

Positive Technologies
added 2004/03/18 12:0 a.m. | 4 views

PT-2004-1500 · Proftpd · Proftpd

Name of the Vulnerable Software and Affected Versions: ProFTPD versions 1.2.7 through 1.2.9rc2. Description: The issue is caused by an off-by-one buffer overflow in the _xlate_ascii_write function. This can be exploited by a remote attacker who issues a specially crafted RETR command containing 102...

CVSS 7.8 | AI score 8.1 | EPSS 0.05736
Exploits: 1 | References: 7

securityvulns
added 2004/03/03 12:0 a.m. | 28 views

ProFTPD buffer overflow

Buffer overflow on ASCII-files uploading...

AI score 3.7
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2004/03/03 12:0 a.m. | 19 views

The Cult of a Cardinal Number

The Cult of a Cardinal Number Equal to the Sum of 1+1, by Phantasmal Phantasmagoria. Table of Contents: 1 - Introduction, 2 - Technical Details, 3 - Final Thoughts...

AI score 7.4
Exploits: 0

NVD
added 2003/11/17 5:0 a.m. | 15 views

CVE-2003-0831

ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files...

CVSS 9 | AI score 7.9 | EPSS 0.55119
Exploits: 0 | References: 9

FreeBSD
added 2003/11/04 12:0 a.m. | 34 views

proftpd IP address access control list breakage

Jindrich Makovicka reports a regression in proftpd's handling of IP address access control lists (IP ACLs). Due to this regression, some IP ACLs are treated as "allow all"...

CVSS 7.5 | AI score 6.4 | EPSS 0.09197
Exploits: 0 | References: 1

CERT
added 2003/10/29 12:0 a.m. | 29 views

ProFTPD fails to properly handle newline characters when transferring files in ASCII mode

Overview: ProFTPD is a popular free File Transfer Protocol (FTP) server package. A vulnerability in its handling of files transferred in ASCII mode can allow an attacker to compromise the system running the server. Description: The File Transfer Protocol (FTP) described in RFC959 defines operations for...

CVSS 9 | AI score 7.6 | EPSS 0.55119
Exploits: 0 | References: 2

exploitpack
added 2003/10/15 12:0 a.m. | 28 views

ProFTPd 1.2.9 rc2 - .ASCII File Remote Code Execution (2)

ProFTPd 1.2.9 rc2 - .ASCII File Remote Code Execution 2 ProFTPd remote root exploit solareclipse at phreedom dot org GPG key ID: E36B11B7 https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/3021.tar.gz 12262006-proftpd-not-pro-enough.tar.gz milw0rm.com 2003-10-15...

AI score 0.6
Exploits: 0

seebug.org
added 2003/10/15 12:0 a.m. | 17 views

ProFTPD <= 1.2.9 rc2 (ASCII File) Remote Root Exploit

No description provided by source. ProFTPd remote root exploit solareclipse at phreedom dot org GPG key ID: E36B11B7 http://www.milw0rm.com/sploits/12262006-proftpd-not-pro-enough.tar.gz milw0rm.com 2003-10-15...

AI score 7.1
Exploits: 0

0day.today
added 2003/10/15 12:0 a.m. | 38 views

ProFTPD <= 1.2.9 rc2 (ASCII File) Remote Root Exploit

Exploit for linux platform in category remote exploits. ProFTPD <= 1.2.9 rc2 ASCII File Remote Root Exploit. ProFTPd remote root exploit solareclipse at phreedom dot org GPG key ID: E36B11B7...

AI score 7.1
Exploits: 0

Exploit DB
added 2003/10/15 12:0 a.m. | 32 views

ProFTPd 1.2.9 rc2 - '.ASCII' File Remote Code Execution (2)

ProFTPd remote root exploit solareclipse at phreedom dot org GPG key ID: E36B11B7 https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/3021.tar.gz 12262006-proftpd-not-pro-enough.tar.gz milw0rm.com 2003-10-15...

AI score 7.4
Exploits: 0

exploitpack
added 2003/10/13 12:0 a.m. | 16 views

ProFTPd 1.2.7 1.2.9rc2 - Remote Code Execution Brute Force

ProFTPd 1.2.7 1.2.9rc2 - Remote Code Execution Brute Force / ProFTPd 1.2.7 - 1.2.9rc2 remote r00t exploit. By Haggis. This exploit builds on the work of bkbll to create a working, brute-force remote exploit for the \n processing bug in ProFTPd. Tested on...

AI score 8.1
Exploits: 0