10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.964 High
EPSS
Percentile
99.6%
Multiple stack-based buffer overflows in the pr_netio_telnet_gets function
in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute
arbitrary code via vectors involving a TELNET IAC escape character to a (1)
FTP or (2) FTPS server.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | proftpd-dfsg | < 1.3.2c-1ubuntu0.1 | UNKNOWN |
ubuntu | 10.10 | noarch | proftpd-dfsg | < 1.3.2e-4ubuntu0.1 | UNKNOWN |