Lucene search
RootSSV:61050HistoryOct 09, 2013 - 12:00 a.m.
ProFTPD "mod_sftp/mod_sftp_pam"整数溢出拒绝服务漏洞
2013-10-0900:00:00
Root
www.seebug.org
755
0.02 Low
EPSS
Percentile
87.5%
CVE ID: CVE-2013-4359
ProFTPD是一个Unix平台上或是类Unix平台上(如Linux, FreeBSD等)的FTP服务器程序。
ProFTPD 1.3.4d及其他在函数 "sftp_kbdint_recv_response()" (contrib/mod_sftp/kbdint.c)中存在整数溢出错误,远程攻击者通过发送特制的TCP报文,可耗尽内存资源。要利用此漏洞需要启用 "mod_sftp" 和 "mod_sftp_pam"模块
0
ProFTPD 1.3.4d
厂商补丁:
ProFTPD Project
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
Related
securityvulns
securityvulns
[SECURITY] [DSA 27671-1] proftpd-dfsg security update
2013-10-01 00:00:00
proftpd DoS
2013-10-01 00:00:00
cve
cve
CVE-2013-4359
2013-09-30 21:55:00
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0295)
2022-01-28 00:00:00
Debian Security Advisory DSA 2767-1 (proftpd-dfsg - denial of service)
2013-09-29 00:00:00
Debian: Security Advisory (DSA-2767-1)
2013-09-28 00:00:00
debiancve
debiancve
CVE-2013-4359
2013-09-30 21:55:00
prion
prion
Integer overflow
2013-09-30 21:55:00
debian
debian
[SECURITY] [DSA 27671-1] proftpd-dfsg security update
2013-09-29 15:26:43
mageia
mageia
Updated proftpd package fixes security vulnerability
2013-10-05 21:58:23
ubuntucve
ubuntucve
CVE-2013-4359
2013-09-30 00:00:00
nessus
nessus
openSUSE Security Update : proftpd (openSUSE-SU-2013:1563-1)
2014-06-13 00:00:00
Debian DSA-2767-1 : proftpd-dfsg - denial of service
2013-09-30 00:00:00
Mandriva Linux Security Advisory : proftpd (MDVSA-2013:245)
2013-10-04 00:00:00
altlinux
altlinux
fedora
fedora
[SECURITY] Fedora 20 Update: proftpd-1.3.4e-3.fc20
2015-05-03 17:25:18
gentoo
gentoo
ProFTPD: Multiple vulnerabilities
2013-09-24 00:00:00