Lucene search
K

1569 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-35025

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restriction...

8.6CVSS6AI score0.00331EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 2:17 p.m.11 views

CVE-2026-35025

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS0.00331EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 2:17 p.m.6 views

UBUNTU-CVE-2026-35025

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS5.8AI score0.00331EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:21 p.m.18 views

CVE-2026-35025

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS5.9AI score0.00331EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 1:21 p.m.8 views

EUVD-2026-38789

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS5.9AI score0.00331EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/24 1:21 p.m.5 views

CVE-2026-35025

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS5.8AI score0.00331EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/24 1:21 p.m.44 views

CVE-2026-35025 ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS0.00331EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/24 1:21 p.m.12 views

CVE-2026-35025 ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS5.9AI score0.00331EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 1:21 p.m.37 views

CVE-2026-35025

ProFTPD versions affected: 1.3.9b and 1.3.10rc2. Issue: an access control bypass in the RNFR path handling allows authenticated FTP users to bypass Directory ACL restrictions by prefixing paths with /proc/self/root. Root cause: unresolved symlink components in dir_canonical_path() cause dir_check...

8.6CVSS5.9AI score0.00331EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.51 views

PT-2026-51789

Name of the Vulnerable Software and Affected Versions ProFTPD versions 1.3.9b through 1.3.10rc2 Description An access control bypass allows authenticated FTP users to circumvent Directory ACL restrictions. By prefixing paths with /proc/self/root in the RNFR command handler, attackers can exploit...

8.6CVSS6AI score0.00331EPSS
Exploits0References15
OSV
OSV
added 2026/06/12 11:28 p.m.12 views

MGASA-2026-0200 Updated proftpd packages fix security vulnerabilities

CVE-2026-42167 modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM. CVE-2026-44331 a SQL injection vulnerabili...

8.1CVSS6.7AI score0.04438EPSS
Exploits7References3
Mageia
Mageia
added 2026/06/12 11:28 p.m.22 views

Updated proftpd packages fix security vulnerabilities

CVE-2026-42167 modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM. CVE-2026-44331 a SQL injection vulnerabili...

8.1CVSS6.4AI score0.04438EPSS
Exploits7References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/11 12:0 a.m.6 views

Security update for proftpd (important)

openSUSE Security Update: Security update for proftpd Announcement ID: openSUSE-SU-2025:0315-1 Rating: important References: 1233997 1236889 Cross-References: CVE-2024-48651 CVE-2024-57392 CVSS scores: CVE-2024-48651 SUSE: 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N...

8.2CVSS7.5AI score0.02204EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.9 views

Slackware Linux 15.0 / current proftpd Vulnerability (SSA:2026-154-03)

The version of proftpd installed on the remote host is prior to 1.3.9b. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-154-03 advisory. New proftpd packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

8.1CVSS5.9AI score0.04438EPSS
Exploits7References2
Slackware Linux
Slackware Linux
added 2026/06/04 1:14 a.m.12 views

[slackware-security] proftpd

New proftpd packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/proftpd-1.3.9b-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Additional fixes for SQL injection, notably for...

8.1CVSS6.1AI score0.04438EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/06/03 1:18 p.m.136 views

Exploit for Improper Access Control in Proftpd

OpenVAS-Vulnerability-Analysis-Incident-Response-Report Real-W...

10CVSS6.2AI score0.96803EPSS
Exploits22
VulnCheck KEV
VulnCheck KEV
added 2026/06/01 12:0 a.m.21 views

VulnCheck KEV: CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS6.5AI score0.04438EPSS
In wildExploits7References6
GithubExploit
GithubExploit
added 2026/05/29 12:47 p.m.111 views

Penetration-Testing-Exploitation-of-Vulnerable-Linux-Systems

Penetration-Testing-Exploitation-of-Vulnerable-Linux-Systems K...

6.2AI score
Exploits0
Fedora
Fedora
added 2026/05/21 1:28 a.m.18 views

[SECURITY] Fedora 43 Update: proftpd-1.3.9a-2.fc43

ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...

8.1CVSS5.8AI score0.00455EPSS
Exploits0
Fedora
Fedora
added 2026/05/21 12:57 a.m.15 views

[SECURITY] Fedora 44 Update: proftpd-1.3.9a-2.fc44

ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...

8.1CVSS5.8AI score0.00455EPSS
Exploits0
Rows per page
Query Builder