40 matches found
SUSE CVE-2013-4359
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation...
Mageia: Security Advisory (MGASA-2013-0295)
The remote host is missing an update for the...
openSUSE Security Update : proftpd (openSUSE-2020-31)
This update for proftpd fixes the following issues: - GeoIP has been discontinued by Maxmind (boo#1156210). This update removes module build for geoip; see https://support.maxmind.com/geolite-legacy-discontinuation-notice/ - CVE-2019-19269: Fixed a NULL pointer dereference may occur when validating...
Security update for proftpd (moderate)
openSUSE Security Update: Security update for proftpd Announcement ID: openSUSE-SU-2020:0031-1 Rating: moderate References: 1113041 1144056 1154600 1155834 1156210 1157798 1157803 Cross-References: CVE-2017-7418 CVE-2019-12815 CVE-2019-18217 CVE-2019-19269 CVE-2019-19270 Affected Products: openSU...
ProFTPD < 1.3.4rc2 client-hostname restriction bypass
The remote host is using ProFTPD, a free FTP server for Unix and Linux. According to its banner, the version of ProFTPD installed on the remote host is earlier than 1.3.4rc2 and is affected by a Denial of Service vulnerability in the mod_sftp module. (C) Tenable Network Security, Inc...
Fedora 22 : proftpd-1.3.5a-5.fc22 (2015-97055df8a0)
Part of the SFTP handshake involves 'extensions', which are key/value pairs, comprised of strings. In SSH, strings are encoded for network transport as a 32-bit length, followed by the bytes. The mod_sftp module currently places no bounds/length limitations when reading these SFTP extension...
Updated proftpd packages fix security vulnerabilities
Updated proftpd packages fix security vulnerability: Part of the SFTP handshake involves "extensions", which are key/value pairs, comprised of strings. In SSH, strings are encoded for network transport as a 32-bit length, followed by the bytes. The mod_sftp module currently places no bounds/length...
ProFTPD mod_sftp Integer Overflow DoS PoC
No description provided by source. ProFTPD mod_sftp Integer Overflow by Kingcope. Reference: http://www.castaglia.org/proftpd/modules/mod_sftp.html Exploit Title: ProFTPD mod_sftp Integer Overflow Date: 7 February 2011 Author: Kingcope Software Link:...
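ProFTPD "mod_sftp/mod_sftp_pam" Integer Overflow Denial of Service Vulnerability
CVE ID: CVE-2013-4359 ProFTPD is an FTP server program for Unix and Unix-like platforms (such as Linux and FreeBSD). ProFTPD 1.3.4d and other versions contain an integer overflow error in the function "sftp_kbdint_recv_response" in contrib/mod_sftp/kbdint.c; a remote attacker can exhaust memory resources by sending a specially crafted TCP packet. Exploiting this vulnerability requires the "mod_sftp" and "mod_sftp_pam" modules to be enabled. ProFTPD 1.3.4d Vendor patch: ProFTPD Project ---------------...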
Updated proftpd package fixes security vulnerability
A bug in ProFTPd's mod_sftp and mod_sftp_pam modules can be used to trigger a large heap allocation and exhaust all available system memory of the underlying operating system (CVE-2013-4359)...
[SECURITY] [DSA 2767-1] proftpd-dfsg security update
Debian Security Advisory DSA-2767-1 http://www.debian.org/security/ Nico Golde September 29, 2013 http://www.debian.org/security/faq -...
proftpd DoS
DoS via mod_sftp and mod_sftp_pam modules...
DEBIAN-CVE-2013-4359
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation...
CVE-2013-4359
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation...
UBUNTU-CVE-2013-4359
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation...
Integer overflow
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation...
CVE-2013-4359
ProFTPD 1.3.4d and 1.3.5r3 are affected by an integer overflow in kbdint.c (mod_sftp) that can be triggered by a large response count in an authentication request, causing memory exhaustion and a DoS. The issue is confirmed across multiple advisories; remediation guidance in connected documents r...