27 matches found
Exploit for Improper Access Control in Proftpd
OpenVAS-Vulnerability-Analysis-Incident-Response-Report Real-W...
ProFTPd 1.3.5 Remote Command Execution
Exploit Title: ProFTPd 1.3.5 - 'modcopy' Remote Command Execution 2 Date: 25/05/2021 Exploit Author: Shellbr3ak Version: 1.3.5 Tested on: Ubuntu 16.04.6 LTS CVE : CVE-2015-3306 !/usr/bin/env python3 import sys import socket import requests def exploitclient, target: client.connecttarget,21...
ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution (2)
Exploit Title: ProFTPd 1.3.5 - 'modcopy' Remote Command Execution 2 Date: 25/05/2021 Exploit Author: Shellbr3ak Version: 1.3.5 Tested on: Ubuntu 16.04.6 LTS CVE : CVE-2015-3306 !/usr/bin/env python3 import sys import socket import requests def exploitclient, target: client.connecttarget,21...
ProFTPd 1.3.5 - (mod_copy) Remote Command Execution Exploit (2)
Exploit Title: ProFTPd 1.3.5 - 'modcopy' Remote Command Execution 2 Exploit Author: Shellbr3ak Version: 1.3.5 Tested on: Ubuntu 16.04.6 LTS CVE : CVE-2015-3306 !/usr/bin/env python3 import sys import socket import requests def exploitclient, target: client.connecttarget,21 Connecting to the targe...
Mail.ru: [files.ucs.ru] ProFTPd mod_copy Arbitrary Read/Write
CVE-2015-3306 in opened to external network FTP server on files.ucs.ru...
CVE-2019-12815
An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...
CVE-2019-12815
An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...
CVE-2019-12815
An arbitrary file copy vulnerability in modcopy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306...
openSUSE Security Update : proftpd (openSUSE-2015-410)
The ftp server ProFTPD was updated to 1.3.5a to fix one security issue. The following vulnerability was fixed : - CVE-2015-3306: Unauthenticated copying of files via SITE CPFR/CPTO allowed by modcopy boo927290 In addition, proftpd was updated to 1.3.5a to fix a number of upstream bugs and improve...
ProFTPD 1.3.5 Mod_Copy Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ProFTPD 1.3.5 ModCopy Command Execution', 'Description' = %q This module exploits the SITE CPFR/CPTO commands in ProFTPD version...
ProFTPD 1.3.5 Mod_Copy Command Execution Exploit
This Metasploit module exploits the SITE CPFR/CPTO commands in ProFTPD version 1.3.5. Any unauthenticated client can leverage these commands to copy files from any part of the filesystem to a chosen destination. The copy commands are executed with the rights of the ProFTPD service, which by defau...
ProFTPD mod_copy command execution
Added: 05/29/2015 CVE: CVE-2015-3306 BID: 74238 OSVDB: 120834 Background ProFTPD is free FTP Server software for Unix and Linux platforms. Problem The modcopy extension, if enabled in ProFTPD, allows unauthenticated attackers to read and write arbitrary files using the SITE CPFR and SITE CPTO...
ProFTPD mod_copy command execution
Added: 05/29/2015 CVE: CVE-2015-3306 BID: 74238 OSVDB: 120834 Background ProFTPD is free FTP Server software for Unix and Linux platforms. Problem The modcopy extension, if enabled in ProFTPD, allows unauthenticated attackers to read and write arbitrary files using the SITE CPFR and SITE CPTO...
ProFTPD mod_copy command execution
Added: 05/29/2015 CVE: CVE-2015-3306 BID: 74238 OSVDB: 120834 Background ProFTPD is free FTP Server software for Unix and Linux platforms. Problem The modcopy extension, if enabled in ProFTPD, allows unauthenticated attackers to read and write arbitrary files using the SITE CPFR and SITE CPTO...
Debian DSA-3263-1 : proftpd-dfsg - security update
Vadim Melihow discovered that in proftpd-dfsg, an FTP server, the modcopy module allowed unauthenticated users to copy files around on the server, and possibly to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...
[SECURITY] [DSA 3263-1] proftpd-dfsg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3263-1 [email protected] http://www.debian.org/security/ Sebastien Delafond May 19, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3263-1] proftpd-dfsg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3263-1 [email protected] http://www.debian.org/security/ Sebastien Delafond May 19, 2015 http://www.debian.org/security/faq -...
CVE-2015-3306
The modcopy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands...
CVE-2015-3306
The modcopy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands...
CVE-2015-3306
CVE-2015-3306 affects ProFTPD before patches for 1.3.5, via the mod_copy module. Unauthenticated attackers can use SITE CPFR/CPTO to copy files anywhere on the server and can read/write arbitrary files, enabling remote code execution and information disclosure. Public exploits and proofs (e.g., e...