5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.02 Low
EPSS
Percentile
88.7%
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3
allows remote attackers to cause a denial of service (memory consumption)
via a large response count value in an authentication request, which
triggers a large memory allocation.