Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proftpd proftpd vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-12815
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
Proftpd Proftpd
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Siemens Simatic Cp 1543-1 Firmware
2 Github repositories
2.1
CVSSv2
CVE-2017-7418
ProFTPD prior to 1.3.5e and 1.3.6 prior to 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local a...
Proftpd Proftpd 1.3.6
Proftpd Proftpd
5
CVSSv2
CVE-2016-3125
The mod_tls module in ProFTPD prior to 1.3.5b and 1.3.6 prior to 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow malicious users to have unspecified impact via unkno...
Proftpd Proftpd 1.3.6
Proftpd Proftpd
Opensuse Opensuse 13.1
Fedoraproject Fedora 22
Fedoraproject Fedora 23
10
CVSSv2
CVE-2015-3306
The mod_copy module in ProFTPD 1.3.5 allows remote malicious users to read and write to arbitrary files via the site cpfr and site cpto commands.
Proftpd Proftpd 1.3.5
3 EDB exploits
14 Github repositories
5
CVSSv2
CVE-2013-4359
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote malicious users to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation.
Proftpd Proftpd 1.3.5
Proftpd Proftpd 1.3.4
1.2
CVSSv2
CVE-2012-6095
ProFTPD prior to 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.
Proftpd Proftpd
Proftpd Proftpd 1.3.4
Proftpd Proftpd 1.3.2
Proftpd Proftpd 1.3.0
Proftpd Proftpd 1.2.2
Proftpd Proftpd 1.2.8
Proftpd Proftpd 1.2.7
Proftpd Proftpd 1.2.10
Proftpd Proftpd 1.3.3
Proftpd Proftpd 1.2.5
Proftpd Proftpd 1.2.4
Proftpd Proftpd 1.2.1
Proftpd Proftpd 1.2.0
Proftpd Proftpd 1.2.9
Proftpd Proftpd 1.2.6
Proftpd Proftpd 1.3.1
Proftpd Proftpd 1.2.3
4.3
CVSSv2
CVE-2010-4562
Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote malicious users to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcp...
Microsoft Windows 2000
Microsoft Windows Server 2008 -
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Xp
Microsoft Windows 2003 Server
9
CVSSv2
CVE-2011-4130
Use-after-free vulnerability in the Response API in ProFTPD prior to 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.
Proftpd Proftpd 1.3.3
Proftpd Proftpd 1.3.2
Proftpd Proftpd 1.3.1
Proftpd Proftpd 1.3.0
Proftpd Proftpd 1.2.10
Proftpd Proftpd 1.2.9
Proftpd Proftpd 1.2.7
Proftpd Proftpd 1.2.5
Proftpd Proftpd 1.2.3
Proftpd Proftpd 1.2.1
Proftpd Proftpd 1.2.0
Proftpd Proftpd 1.2.8
Proftpd Proftpd 1.2.2
Proftpd Proftpd 1.2.6
Proftpd Proftpd
Proftpd Proftpd 1.2.4
2 Github repositories
1 Article
6.8
CVSSv2
CVE-2011-0411
The STARTTLS implementation in Postfix 2.4.x prior to 2.4.16, 2.5.x prior to 2.5.12, 2.6.x prior to 2.6.9, and 2.7.x prior to 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted SMTP sessions by sending ...
Postfix Postfix 2.4
Postfix Postfix 2.4.4
Postfix Postfix 2.4.0
Postfix Postfix 2.4.9
Postfix Postfix 2.4.8
Postfix Postfix 2.4.6
Postfix Postfix 2.4.5
Postfix Postfix 2.4.14
Postfix Postfix 2.4.15
Postfix Postfix 2.4.3
Postfix Postfix 2.4.2
Postfix Postfix 2.4.10
Postfix Postfix 2.4.11
Postfix Postfix 2.4.1
Postfix Postfix 2.4.7
Postfix Postfix 2.4.12
Postfix Postfix 2.4.13
Postfix Postfix 2.5.0
Postfix Postfix 2.5.8
Postfix Postfix 2.5.9
Postfix Postfix 2.5.6
Postfix Postfix 2.5.7
5
CVSSv2
CVE-2011-1137
Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and previous versions allows remote malicious users to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.
Proftpd Proftpd 1.3.1
Proftpd Proftpd 1.3.2
Proftpd Proftpd 1.3.0
Proftpd Proftpd 1.3.3
Proftpd Proftpd 1.2.2
Proftpd Proftpd 1.2.0
Proftpd Proftpd 1.2.8
Proftpd Proftpd 1.2.9
Proftpd Proftpd 1.2.5
Proftpd Proftpd 1.2.7
Proftpd Proftpd 1.2.10
Proftpd Proftpd 1.2.4
Proftpd Proftpd 1.2.6
Proftpd Proftpd 1.2.1
Proftpd Proftpd
Proftpd Proftpd 1.2.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »