DEBIAN-CVE-2023-51713
make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics...
CVE-2023-51713
make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics...
Out-of-bounds
make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics...
UBUNTU-CVE-2023-51713
make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics...
CVE-2023-51713
ProFTPD (make_ftp_cmd in main.c) is affected by CVE-2023-51713 in versions before 1.3.8a due to a one-byte out-of-bounds read caused by mishandling of quote/backslash semantics, leading to daemon crashes. Affected advisories reference ProFTPD before 1.3.8a across multiple vendors (Debian, Ubuntu,...
ProFTPd Security Vulnerability
ProFTPd is a highly configurable open source FTP server software. A security vulnerability exists in ProFTPd versions prior to 1.3.8a, which stems from improper handling of the semantics of the make_ftp_cmd function in the file main.c, resulting in an out-of-bounds read vulnerability and a daemon...
Slackware: Security Advisory (SSA:2023-354-01)
The remote host is missing an update for the...
PT-2023-8972 · Proftpd +3
Name of the Vulnerable Software and Affected Versions: ProFTPD versions prior to 1.3.8a. Description: The issue is related to the make_ftp_cmd function in the main.c component of the ProFTPD FTP server, which mishandles quote and backslash semantics. This leads to a one-byte out-of-bounds read and...
[slackware-security] proftpd
New proftpd packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/proftpd-1.3.8b-i586-1_slack15.0.txz: Upgraded. This update fixes a security issue: mod_sftp: implemented mitigation...
Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current proftpd Vulnerability (SSA:2023-354-01)
The version of proftpd installed on the remote host is prior to 1.3.8b. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-354-01 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...
FreeBSD : putty -- add protocol extension against 'Terrapin attack' (91955195-9ebb-11ee-bc14-a703705db3a6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 91955195-9ebb-11ee-bc14-a703705db3a6 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : OpenSSH vulnerabilities (USN-6560-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6560-1 advisory. Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If...
Amazon Linux 2 : openssh (ALAS-2023-2376)
The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2376 advisory. AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A...
The vulnerability of the ProFTPD FTP server, related to a memory release error, allows attackers to gain unauthorized access to protected information.
The vulnerability of the ProFTPD FTP server is related to a memory release error. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
GLSA-202305-03 : ProFTPd: Memory Disclosure
The remote host is affected by the vulnerability described in GLSA-202305-03 (ProFTPd: Memory Disclosure). - mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters. (CVE-2021-46854) Note that Nessus has not tested for this issue but has...
ProFTPd: Memory Disclosure
Background: ProFTPD is an advanced and very configurable FTP server. Description: ProFTPd unconditionally sends passwords to RADIUS servers for authentication in multiples of 16 bytes. If a password is not of a length that is a multiple of 16 bytes, ProFTPd will read beyond the end of the password...