Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proftpd vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-9272
ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
Proftpd Proftpd
Siemens Simatic Net Cp 1543-1 Firmware
Siemens Simatic Net Cp 1545-1 Firmware
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
9.8
CVSSv3
CVE-2019-12815
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
Proftpd Proftpd
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Siemens Simatic Cp 1543-1 Firmware
2 Github repositories
NA
CVE-2004-0432
ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.
Proftpd Project Proftpd 1.2.9
Gentoo Linux 1.1a
Gentoo Linux 1.2
Gentoo Linux 1.4
Trustix Secure Linux 2.0
Gentoo Linux 0.5
Gentoo Linux 0.7
Trustix Secure Linux 2.1
8.8
CVSSv3
CVE-2020-9273
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.
Proftpd Proftpd 1.3.7
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Siemens Simatic Net Cp 1545-1 Firmware -
Siemens Simatic Net Cp 1543-1 Firmware
3 Github repositories
NA
CVE-1999-0368
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
Washington University Wu-ftpd 2.4.2 Beta18 Vr9
Proftpd Project Proftpd 1.2 Pre1
Washington University Wu-ftpd 2.4.2 Beta18
Sco Openserver 5.0
Slackware Slackware Linux 3.5
Redhat Linux 5.1
Slackware Slackware Linux 3.4
Redhat Linux 5.0
Sco Openserver 5.0.2
Sco Openserver 5.0.5
Slackware Slackware Linux 3.6
Sco Unixware 7.0
Debian Debian Linux 2.0
Sco Openserver 5.0.3
Sco Unixware 7.0.1
Sco Openserver 5.0.4
Caldera Openlinux 1.3
2 EDB exploits
NA
CVE-2010-4562
Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote malicious users to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcp...
Microsoft Windows 2000
Microsoft Windows Server 2008 -
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Xp
Microsoft Windows 2003 Server
5.9
CVSSv3
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
9 Github repositories
1 Article
NA
CVE-2000-0824
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as ...
Gnu Glibc 2.1.1
1 EDB exploit
NA
CVE-2001-0456
postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
Debian Debian Linux 2.2
NA
CVE-2005-0484
Format string vulnerability in gprostats for GProFTPD prior to 8.1.9 may allow remote malicious users to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log.
Gproftpd Gproftpd
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »