4 matches found
Mandrake Linux Security Advisory : proftpd (MDKSA-2006:217-1)
A stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers to cause a denial of service, as demonstrated by vd_proftpd.pm, a 'ProFTPD remote exploit.' CVE-2006-5815 Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in...
CVE-2006-6171
ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an...
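ProFTPD CommandBufferSize Remote Denial of Service Vulnerability
ProFTPD is an open-source FTP server program. ProFTPD has a vulnerability in the way it handles user requests: if the CommandBufferSize option is enabled, the cmd_loop function in ProFTPD's main.c file may fail to correctly validate the buffer size limit for FTP commands, leading to a denial of service. ProFTPD Project ProFTPD 1.3 Debian ------ Debian has released a security advisory (DSA-1218-1) and corresponding patches for this issue: DSA-1218-1: New proftpd packages fix denial of service...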
FreeBSD : proftpd -- Remote Code Execution Vulnerability (cca97f5f-7435-11db-91de-0008743bf21a)
FrSIRT reports: A vulnerability has been identified in ProFTPD, which could be exploited by attackers to cause a denial of service or execute arbitrary commands. This flaw is due to a buffer overflow error in the 'main.c' file where the 'cmd_buf_size' size of the buffer used to handle FTP commands...