Lucene search
K

1564 matches found

exploitpack
exploitpack
added 2000/12/20 12:0 a.m.25 views

ProFTPd 1.2 - SIZE Remote Denial of Service

ProFTPd 1.2 - SIZE Remote Denial of Service source: https://www.securityfocus.com/bid/2185/info A memory leak has been reported in all versions of ProFTPd. The SIZE FTP command causes the server to misallocate and leak small amounts of memory each time the command is executed. If a sufficient...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2000/12/20 12:0 a.m.30 views

ProFTPd 1.2 - 'SIZE' Remote Denial of Service

source: https://www.securityfocus.com/bid/2185/info A memory leak has been reported in all versions of ProFTPd. The SIZE FTP command causes the server to misallocate and leak small amounts of memory each time the command is executed. If a sufficient number of these commands are executed by the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/12/20 12:0 a.m.21 views

DoS против ProFTPD

Утечка памяти в комманде SIZE...

0.4AI score
Exploits0References1
securityvulns
securityvulns
added 2000/12/20 12:0 a.m.24 views

Memory leakage in proftpd leads to remote DoS

Hello, Proftpd has memory leakage bug if it executes SIZE FTP command. Using 5000 SIZE commands causes proftpd to consume over 300kB of memory. Exploiting this bug with more SIZE commands gives us simple DoS attack. Anonymous access is sufficient to use SIZE commands and to exploit this bug. I've...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2000/12/13 12:0 a.m.22 views

mod_sqlpw Password Caching Bug

The modsqlpw module for ProFTPD caches the user id and password information returned from the mysql database when attempting to verify a password. When the "user" command is used to switch to another account, the cached password is not cleard, and the password entered is checked against the cache...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2000/12/13 12:0 a.m.18 views

Дырка в ProFTPD (mod_sqlpw Password Caching)

Авторизованный пользоватлеь может переключиться в другого не зхная пароля...

0.7AI score
Exploits0References1
FreeBSD Advisory
FreeBSD Advisory
added 2000/08/14 12:0 a.m.5 views

FreeBSD-SA-00:35.proftpd

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:35 Security Advisory FreeBSD, Inc. Topic: proftpd port contains remote root compromise Category: ports Module: proftpd Announced: 2000-08-14 Credits: lamagra Affects:...

6.2AI score
Exploits0
CVE
CVE
added 2000/07/19 4:0 a.m.56 views

CVE-2000-0574

Affected software: OpenBSD ftpd, NetBSD ftpd, ProFTPd, and Opieftpd. The issue is that untrusted format strings are not properly cleansed in setproctitle, allowing remote attackers to cause a denial of service or execute arbitrary commands. The connected Nessus document notes an attack scenario w...

5CVSS7.5AI score0.5887EPSS
Exploits0References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2000/07/15 12:0 a.m.33 views

ProFTPD Multiple Remote Overflows (palmetto)

The remote ProFTPd server is running a 1.2.0preN version. All the 1.2.0preN versions contain several security flaws that allow an attacker to execute arbitrary code on this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10464; scriptversion"1.25";...

10CVSS6.2AI score0.39233EPSS
Exploits1References1
NVD
NVD
added 2000/07/07 4:0 a.m.15 views

CVE-2000-0574

FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function sometimes called by setproctitle, which allows remote attackers to cause a denial of service or execute arbitrary commands...

5CVSS7.4AI score0.5887EPSS
Exploits0References7
securityvulns
securityvulns
added 2000/07/06 12:0 a.m.33 views

Удаленный root в proftpd

Дырка похожая на аналогичную в WU, связана с использованием ввода пользователя в качестве форматной строки...

0.7AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2000/07/06 12:0 a.m.21 views

proftp advisory

http://lamagra.seKure.de: advisory 1 Advisory: misc. bugs Programname: proftpd Versions: 1.2.0 = pre10 Vendor: proftpd.net Severity: high root shell and low Contact: [email protected] Bug1: void setproctitlechar fmt,... in src/main.c snippet memsetstatbuf, 0, sizeofstatbuf; vsnprintfstatbuf,...

7.7AI score
Exploits0
securityvulns
securityvulns
added 2000/06/24 12:0 a.m.33 views

ftpd: the advisory version

You might have seen the wuftpd exploit by tf8, he released it in his own lame way. But now I bring you the story behind it. The story begins inside the ftpcmd.y file. Which has the ftp commands in it. The bug is in the siteexecchar cmd function. There is calls lreply200,cmd; In ftpd.c we find voi...

7.7AI score
Exploits0
CVE
CVE
added 2000/02/04 5:0 a.m.44 views

CVE-1999-0911

CVE-1999-0911 affects ProFTPD, wu-ftpd, and beroftpd. The vulnerability is a buffer overflow triggered by a sequence of MKD/CWD commands that create nested directories, allowing remote attackers to gain root privileges. Connected docs mention ProFTPD-related overflows (e.g., in 1.2.0pre4/pre6 var...

10CVSS7.3AI score0.38054EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.16 views

CVE-1999-0911

Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories...

7.3AI score0.38054EPSS
Exploits0References2
Packet Storm
Packet Storm
added 1999/11/20 12:0 a.m.27 views

proftpd.mod_sqlpw.txt

A member of the proftpd mailing list and myself discovered a problem with proftpd with modsqlpw.c optional module compiled in. Unix last command reveals passwords where the username should be. A patch was sent to the mailing list, however, the patch only protects ftp localhost not ftp remotehost...

7.4AI score
Exploits0
NVD
NVD
added 1999/11/19 5:0 a.m.14 views

CVE-1999-1475

ProFTPd 1.2 compiled with the modsqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command...

4.6CVSS6.4AI score0.04472EPSS
Exploits0References2
Debian
Debian
added 1999/11/11 3:14 p.m.1 views

[SECURITY] New version of proftpd fixes remote exploits

The proftpd version that was distributed in Debian GNU/Linux 2.1 had several buffer overruns that could be exploited by remote attackers. A short list of problems: user input was used in snprintf without sufficient checks there was an overflow in the logxfer routine you could overflow a buffer by...

6.1AI score
Exploits0
Debian
Debian
added 1999/11/11 12:0 a.m.10 views

[SECURITY] New version of proftpd fixes remote exploits

------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman November 11, 1999 - ------------------------------------------------------------------------ The proftpd version that was...

2.4AI score
Exploits0
Cvelist
Cvelist
added 1999/09/29 4:0 a.m.33 views

CVE-1999-0368

Buffer overflows in wuarchive ftpd wu-ftpd and ProFTPD lead to remote root access, a.k.a. palmetto...

6.7AI score0.39233EPSS
Exploits1References1
Rows per page
Query Builder