ProFTPD < 1.3.1rc1 mod_ctrls Module pr_ctrls_recv_request Function Local Overflow

The remote host is using ProFTPD, a free FTP server for Unix and Linux. According to its banner, the version of ProFTPD installed on the remote host is earlier than 1.3.1rc1 and is affected by a local, stack-based buffer overflow. The function 'prctrlsrecvrequest' in the file 'src/ctrls.c'...

[SECURITY] [DSA 2346-2] proftpd-dfsg regression fix

------------------------------------------------------------------------- Debian Security Advisory DSA-2346-2 [email protected] http://www.debian.org/security/ Florian Weimer November 16, 2011 http://www.debian.org/security/faq -...

DSA-2346-2 proftpd-dfsg - several

Bulletin has no description...

Debian DSA-2346-2 : proftpd-dfsg - several vulnerabilities

Several vulnerabilities were discovered in ProFTPD, an FTP server : - No CVE id ProFTPD incorrectly uses data from an unencrypted input buffer after encryption has been enabled with STARTTLS, an issue similar to CVE-2011-0411. - CVE-2011-4130 ProFTPD uses a response pool after freeing it under...

[SECURITY] [DSA 2346-1] proftpd-dfsg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2346-1 [email protected] http://www.debian.org/security/ Florian Weimer November 15, 2011 http://www.debian.org/security/faq -...

DSA-2346-1 proftpd-dfsg - several

Bulletin has no description...

ProFTPD < 1.3.3g RCE Vulnerability

ProFTPD is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:proftpd:proftpd";...

ProFTPD Response Pool Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ProFTPd server. Authentication is required to exploit this vulnerability in order to have access to the ftp command set. The specific flaw exists within how the server manages the response pool...

ftp-vuln-cve2010-4221 NSE Script

Checks for a stack-based buffer overflow in the ProFTPD server, version between 1.3.2rc3 and 1.3.3b. By sending a large number of TELNETIAC escape sequence, the proftpd process miscalculates the buffer length, and a remote attacker will be able to corrupt the stack and execute arbitrary code with...

Nmap NSE net: ftp-proftpd-backdoor

Tests for the presence of the ProFTPD 1.3.3c backdoor reported as OSVDB-ID 69562. This script attempts to exploit the backdoor using the innocuous 'id' command by default, but that can be changed with the 'ftp-proftpd-backdoor.cmd' script argument. SYNTAX: ftp-proftpd-backdoor.cmd: Command to...

Nmap NSE net: ftp-proftpd-backdoor

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 2185-1 (proftpd-dfsg)

The remote host is missing an update to proftpd-dfsg announced via advisory DSA 2185-1. OpenVAS Vulnerability Test $Id: deb21851.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2185-1 proftpd-dfsg Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft In...

Debian Security Advisory DSA 2191-1 (proftpd-dfsg)

The remote host is missing an update to proftpd-dfsg announced via advisory DSA 2191-1. OpenVAS Vulnerability Test $Id: deb21911.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2191-1 proftpd-dfsg Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft In...

Debian: Security Advisory (DSA-2191-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-2185-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for proftpd FEDORA-2011-5033

Check for the Version of proftpd OpenVAS Vulnerability Test Fedora Update for proftpd FEDORA-2011-5033 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for proftpd FEDORA-2011-5040

Check for the Version of proftpd OpenVAS Vulnerability Test Fedora Update for proftpd FEDORA-2011-5040 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for proftpd FEDORA-2011-5040

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for proftpd FEDORA-2011-5033

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 15 : proftpd-1.3.4-0.8.rc2.fc15 (2011-5098)

The second release candidate for proftpd 1.3.4. This includes fixes for a number of security issues : - Plaintext command injection vulnerability in FTPS implementation - Badly formed SSH messages cause DoS - Limit recursion depth for untrusted regular expressions 673040 The update also contains ...