1534 matches found
Exploit for Improper Access Control in Proftpd
OpenVAS-Vulnerability-Analysis-Incident-Response-Report Real-W...
VulnCheck KEV: CVE-2026-42167
modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...
Penetration-Testing-Exploitation-of-Vulnerable-Linux-Systems
Penetration-Testing-Exploitation-of-Vulnerable-Linux-Systems K...
[SECURITY] Fedora 43 Update: proftpd-1.3.9a-2.fc43
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
[SECURITY] Fedora 44 Update: proftpd-1.3.9a-2.fc44
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
Fedora 44 : proftpd (2026-871243b391)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-871243b391 advisory. This update contains an updated modwrap2sql that addresses a potential SQL injection issue when connected to from a client with a maliciously-constructed...
Fedora 43 : proftpd (2026-4ddb108952)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4ddb108952 advisory. This update contains an updated modwrap2sql that addresses a potential SQL injection issue when connected to from a client with a maliciously-constructed...
Fedora 45 : proftpd (2026-c8173d7dcd)
The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c8173d7dcd advisory. Automatic update for proftpd-1.3.9a-2.fc45. Changelog Mon May 11 2026 Paul Howarth - 1.3.9a-2 - Additional escaping for avoidance of SQL injection...
OESA-2026-2268 proftpd security update
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
OESA-2026-2267 proftpd security update
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
OESA-2026-2266 proftpd security update
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
OESA-2026-2265 proftpd security update
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
OESA-2026-2264 proftpd security update
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
[SECURITY] Fedora 43 Update: proftpd-1.3.9a-1.fc43
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
[SECURITY] Fedora 42 Update: proftpd-1.3.9a-1.fc42
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
[SECURITY] Fedora 44 Update: proftpd-1.3.9a-1.fc44
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
Fedora 42 : proftpd (2026-739d341ab8)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-739d341ab8 advisory. Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via modsql CVE-2026-42167. Note that modsql is not enabled by...
Fedora 44 : proftpd (2026-549ee32ea1)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-549ee32ea1 advisory. Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via modsql CVE-2026-42167. Note that modsql is not enabled by...
Fedora 43 : proftpd (2026-bdb9342c72)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-bdb9342c72 advisory. Cumulative bug-fix release from upstream. Includes fix for a possible SQL-injection issue via modsql CVE-2026-42167. Note that modsql is not enabled by...
SUSE CVE-2026-44331
In ProFTPD through 1.3.9a before 7666224, a SQL injection vulnerability in sqltabfetchclientscb in contrib/modwrap2sql.c allows a remote attacker to inject arbitrary SQL commands via a crafted domain name that is accessed in a reverse DNS lookup. When "UseReverseDNS on" is enabled, the...