39 matches found
EUVD-2010-4617
Malware in sbrugna...
EUVD-2001-0027
Malware in sbrugna...
EUVD-2019-8897
Malware in sbrugna...
EUVD-2004-0431
Malware in sbrugna...
EulerOS 2.0 SP12 : proftpd (EulerOS-SA-2025-1433)
According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remote attacker to execute arbitrary code and can cause a Denial of Service DoS ...
SUSE-SU-2025:1028-1 Security update for proftpd
This update for proftpd fixes the following issues: - CVE-2024-57392: Fixed null pointer dereference vulnerability by sending a maliciously crafted message bsc1238143. - CVE-2024-48651: Fixed supplemental group inheritance granting unintended access to GID 0 bsc1238141...
[SECURITY] [DLA 4077-1] proftpd-dfsg security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4077-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès March 02, 2025 https://wiki.debian.org/LTS -...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : ProFTPD vulnerabilities (USN-7297-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7297-1 advisory. Fabian Bumer, Marcus Brinkmann, and Jrg Schwenk discovered that the transport protocol implementation in ProFTPD had weak...
MGASA-2025-0015 Updated proftpd packages fix security vulnerability
In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from modsql. CVE-2024-48651...
proftpd-1.3.8c-1.1 on GA media (moderate)
proftpd-1.3.8c-1.1 on GA media Announcement ID: openSUSE-SU-2025:14636-1 Rating: moderate Cross-References: CVE-2024-48651 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the proftpd-1.3.8c-1....
OPENSUSE-SU-2025:14636-1 proftpd-1.3.8c-1.1 on GA media
These are all security issues fixed in the proftpd-1.3.8c-1.1 package on the GA media of openSUSE Tumbleweed...
[SECURITY] [DSA 5827-1] proftpd-dfsg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5827-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 10, 2024 https://www.debian.org/security/faq -...
[SECURITY] [DLA 3975-1] proftpd-dfsg security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3975-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès November 29, 2024 https://wiki.debian.org/LTS -...
OPENSUSE-SU-2024:0008-1 Security update for proftpd
This update for proftpd fixes the following issues: proftpd was updated to 1.3.8b - released 19-Dec-2023 - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity boo1218144 - CVE-2023-51713: Fixed Out-of-bounds buffer read when handling FTP commands. boo1218344...
MGASA-2020-0120 Updated proftpd packages fix security vulnerability
Updated proftpd packages fix security vulnerability: Antonio Morales discovered an use-after-free flaw in the memory pool allocator in ProFTPD. Interrupting current data transfers can corrupt the ProFTPD memory pool, leading to denial of service, or potentially the execution of arbitrary code...
OPENSUSE-SU-2020:0031-1 Security update for proftpd
This update for proftpd fixes the following issues: GeoIP has been discontinued by Maxmind boo1156210 This update removes module build for geoip see https://support.maxmind.com/geolite-legacy-discontinuation-notice/ - CVE-2019-19269: Fixed a NULL pointer dereference may occur when validating the...
MGASA-2019-0385 Updated proftpd packages fix security vulnerability
An issue was discovered in tlsverifycrl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL skX509REVOKEDvalue function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the...
OPENSUSE-SU-2019:1870-1 Security update for proftpd
This update for proftpd fixes the following issues: Security issues fixed: - CVE-2019-12815: Fixed arbitrary file copy in modcopy that allowed for remote code execution and information disclosure without authentication bnc1142281. This update was imported from the openSUSE:Leap:15.0:Update update...
MGASA-2017-0115 Updated proftpd packages fix security vulnerability
ProFTPD before 1.3.5e controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks...
CVE-2016-3125
The modtls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman DH key to be used and consequently allow attackers to have unspecified impact via unknown vectors...