Fedora 22 : proftpd-1.3.5a-5.fc22 (2015-97055df8a0)
Part of the SFTP handshake involves 'extensions', which are key/value pairs, comprised of strings. In SSH, strings are encoded for network transport as a 32-bit length, followed by the bytes. The modsftp module currently places no bounds/length limitations when reading these SFTP extension...