[SECURITY] Fedora 33 Update: proftpd-1.3.7c-1.fc33

ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...

ProFTPd 1.3.5 - (mod_copy) Remote Command Execution Exploit (2)

Exploit Title: ProFTPd 1.3.5 - 'modcopy' Remote Command Execution 2 Exploit Author: Shellbr3ak Version: 1.3.5 Tested on: Ubuntu 16.04.6 LTS CVE : CVE-2015-3306 !/usr/bin/env python3 import sys import socket import requests def exploitclient, target: client.connecttarget,21 Connecting to the targe...

ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution (2)

Exploit Title: ProFTPd 1.3.5 - 'modcopy' Remote Command Execution 2 Date: 25/05/2021 Exploit Author: Shellbr3ak Version: 1.3.5 Tested on: Ubuntu 16.04.6 LTS CVE : CVE-2015-3306 !/usr/bin/env python3 import sys import socket import requests def exploitclient, target: client.connecttarget,21...

ProFTPd 1.3.5 Remote Command Execution

Exploit Title: ProFTPd 1.3.5 - 'modcopy' Remote Command Execution 2 Date: 25/05/2021 Exploit Author: Shellbr3ak Version: 1.3.5 Tested on: Ubuntu 16.04.6 LTS CVE : CVE-2015-3306 !/usr/bin/env python3 import sys import socket import requests def exploitclient, target: client.connecttarget,21...

ProFTPD 1.3.7a Denial Of Service

Exploit Title: ProFTPD 1.3.7a - Remote Denial of Service Date: 22/03/2021 Exploit Author: xynmaps Vendor Homepage: http://www.proftpd.org/ Software Link: https://github.com/proftpd/proftpd Version: 1.3.7a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8 author =...

ProFTPD 1.3.7a - Remote Denial of Service Exploit

Exploit Title: ProFTPD 1.3.7a - Remote Denial of Service Exploit Author: xynmaps Vendor Homepage: http://www.proftpd.org/ Software Link: https://github.com/proftpd/proftpd Version: 1.3.7a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8 author = XYN/Dump/NSKB3...

ProFTPD 1.3.7a - Remote Denial of Service

Exploit Title: ProFTPD 1.3.7a - Remote Denial of Service Date: 22/03/2021 Exploit Author: xynmaps Vendor Homepage: http://www.proftpd.org/ Software Link: https://github.com/proftpd/proftpd Version: 1.3.7a Tested on: Parrot Security OS 5.9.0 ------------------------------- encoding=utf8 author =...

Vulnerability found in ProFTPd

A vulnerability has been found in ProFTPd. An unauthenticated malicious party can remotely exploit the vulnerability to cause a denial-of-service attack. No CVE ID issued. ProFTP has not yet released updates to address the vulnerability. fix in ProFTPd...

The vulnerability in the implementation of the alloc_pool function of the ProFTPD server allows a hacker to execute arbitrary code.

The vulnerability of the ProFTPD FTP-server’s allocpool function relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Exploit for Use After Free in Proftpd

CVE-2020-9273 These are the files I created during analysis a...

GLSA-202009-11 : ProFTPD: Denial of service

The remote host is affected by the vulnerability described in GLSA-202009-11 ProFTPD: Denial of service It was found that ProFTPD did not properly handle invalid SCP commands. Impact : An authenticated remote attacker could issue invalid SCP commands, possibly resulting in a Denial of Service...

ProFTPD: Denial of service

Background ProFTPD is an advanced and very configurable FTP server. Description It was found that ProFTPD did not properly handle invalid SCP commands. Impact An authenticated remote attacker could issue invalid SCP commands, possibly resulting in a Denial of Service condition. Workaround There i...

QNAP QTS Multiple ProFTPD Vulnerabilities

QNAP QTS is prone to multiple vulnerabilities in ProFTPD and other components. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

[SECURITY] [DLA 2338-2] proftpd-dfsg regression update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2338-2 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 25, 2020 https://wiki.debian.org/LTS -...

DLA-2338-2 proftpd-dfsg - regression update

Bulletin has no description...

Debian DLA-2338-2 : proftpd-dfsg regression update

The update of proftpd-dfsg released as DLA-2338-1 incorrectly destroyed the memory pool in function sftpkexhandle in contrib/modsftp/kex.c which may cause a segmentation fault and thus prevent sftp connections. For Debian 9 stretch, this problem has been fixed in version 1.3.5e+r1.3.5b-4+deb9u2. ...

Debian: Security Advisory (DLA-2338-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2338-1] proftpd-dfsg security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2338-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 22, 2020 https://wiki.debian.org/LTS -...

DLA-2338-1 proftpd-dfsg - security update

Bulletin has no description...

GLSA-202003-35 : ProFTPd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202003-35 ProFTPd: Multiple vulnerabilities Multiple vulnerabilities have been discovered in ProFTPd. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by interrupting the data transfer...