Lucene search
K

55 matches found

Tenable Nessus
Tenable Nessus
added 2007/10/15 12:0 a.m.61 views

ProFTPD < 1.3.0a Multiple Vulnerabilities

The remote host is using ProFTPD, a free FTP server for Unix and Linux. According to its banner, the version of ProFTPD installed on the remote host is earlier than 1.3.0a. As such, it may be affected by one or more of the following vulnerabilities : - An off-by-one string manipulation flaw exist...

10CVSS6.8AI score0.74254EPSS
Exploits5References5
seebug.org
seebug.org
added 2007/08/24 12:0 a.m.34 views

ProFTPD 1.x (module mod_tls) Remote Buffer Overflow Exploit

No description provided by source. / Anti-modTLS-0day version 2 ProFTPd .. + modtls remote-root-0day-exploit main advantages of this exploit: 1 No patched modtls versions yet 2 This is a preauthentication bug 3 Bruteforcing option eheheheee main disadvantages: ...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/08/24 12:0 a.m.34 views

ProFTPd 1.x - mod_tls Remote Buffer Overflow

ProFTPd 1.x - modtls Remote Buffer Overflow / Anti-modTLS-0day version 2 ProFTPd .. + modtls remote-root-0day-exploit main advantages of this exploit: 1 No patched modtls versions yet 2 This is a preauthentication bug 3 Bruteforcing option eheheheee main disadvantages: 2 Target mechanism isn't ve...

1.2AI score
Exploits0
Packet Storm
Packet Storm
added 2007/08/24 12:0 a.m.35 views

proftpd-overflow.txt

/ Anti-modTLS-0day version 2 ProFTPd .. + modtls remote-root-0day-exploit main advantages of this exploit: 1 No patched modtls versions yet 2 This is a preauthentication bug 3 Bruteforcing option eheheheee main disadvantages: 2 Target mechanism isn't very well, cause exploitation depends on libra...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/08/24 12:0 a.m.33 views

ProFTPD 1.x (module mod_tls) Remote Buffer Overflow Exploit

Exploit for linux platform in category remote exploits =========================================================== ProFTPD 1.x module modtls Remote Buffer Overflow Exploit =========================================================== / Anti-modTLS-0day version 2 ProFTPd .. + modtls...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.27 views

Mandrake Linux Security Advisory : proftpd (MDKSA-2006:217-1)

A stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier, allows remote attackers to cause a denial of service, as demonstrated by vdproftpd.pm, a 'ProFTPD remote exploit.' CVE-2006-5815 Buffer overflow in the tlsx509nameoneline function in the modtls module, as used in...

10CVSS7.1AI score0.74254EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2006/12/04 12:0 a.m.33 views

GLSA-200611-26 : ProFTPD: Remote execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200611-26 ProFTPD: Remote execution of arbitrary code Evgeny Legerov discovered a stack-based buffer overflow in the sreplace function in support.c, as well as a buffer overflow in in the modtls module. Additionally, an off-by-two...

10CVSS7.2AI score0.74254EPSS
Exploits5References4
Debian
Debian
added 2006/11/30 5:13 p.m.43 views

[SECURITY] [DSA 1222-1] New proftpd packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1222-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 30th, 2006 http://www.debian.org/security/faq -...

10CVSS7.7AI score0.74254EPSS
Exploits5
OSV
OSV
added 2006/11/30 3:28 p.m.7 views

CVE-2006-6170

Buffer overflow in the tlsx509nameoneline function in the modtls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815...

7.6AI score
Exploits0References21
NVD
NVD
added 2006/11/30 3:28 p.m.11 views

CVE-2006-6170

Buffer overflow in the tlsx509nameoneline function in the modtls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815...

7.5CVSS7.6AI score0.17432EPSS
Exploits1References19
UbuntuCve
UbuntuCve
added 2006/11/30 3:28 p.m.21 views

CVE-2006-6170

Buffer overflow in the tlsx509nameoneline function in the modtls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815...

7.5CVSS6.6AI score0.17432EPSS
Exploits1References1
CVE
CVE
added 2006/11/30 3:0 p.m.93 views

CVE-2006-6170

ProFTPD 1.3.0a and earlier are affected by buffer overflow vulnerabilities: CVE-2006-6170 (tls_x509_name_oneline in mod_tls) can allow remote code execution via a large data length; CVE-2006-5815 (sreplace) may also enable code execution via a crafted FTP sequence; CVE-2006-6171 relates to comman...

7.5CVSS7.5AI score0.17432EPSS
Exploits1References19Affected Software1
Cvelist
Cvelist
added 2006/11/30 3:0 p.m.26 views

CVE-2006-6170

Buffer overflow in the tlsx509nameoneline function in the modtls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815...

7.5AI score0.17432EPSS
Exploits1References19
Debian CVE
Debian CVE
added 2006/11/30 3:0 p.m.27 views

CVE-2006-6170

Buffer overflow in the tlsx509nameoneline function in the modtls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815...

7.5CVSS7.6AI score0.17432EPSS
Exploits1
seebug.org
seebug.org
added 2006/11/29 12:0 a.m.66 views

ProFTPD mod_tls预认证远程缓冲区溢出漏洞

ProFTPD是一款开放源代码FTP服务程序。 ProFTPD的模块modtls在处理用户认证时存在缓冲溢出漏洞,远程攻击者可能利用此漏洞完全控制服务器。 ProFTPD的modtls模块的tlsx509nameoneline函数中存在远程溢出漏洞,允许远程未经认证的攻击者获得root用户权限。漏洞相关的代码如下: contrib/modtls.c: """ static char tlsx509nameonelineX509NAME x509name static char buf256 = '\0'; / If we are using OpenSSL 0.9.6 or newer,...

7AI score
Exploits0
Rows per page
Query Builder