Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

proftpd proftpd vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2

CVE-2011-1137

Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and previous versions allows remote malicious users to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.
Proftpd ProftpdProftpd Proftpd 1.2.0Proftpd Proftpd 1.2.1Proftpd Proftpd 1.2.2Proftpd Proftpd 1.2.3Proftpd Proftpd 1.2.4Proftpd Proftpd 1.2.5Proftpd Proftpd 1.2.6Proftpd Proftpd 1.2.7Proftpd Proftpd 1.2.8Proftpd Proftpd 1.2.9Proftpd Proftpd 1.2.10
9
CVSSv2

CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD prior to 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.
Proftpd ProftpdProftpd Proftpd 1.2.0Proftpd Proftpd 1.2.1Proftpd Proftpd 1.2.2Proftpd Proftpd 1.2.3Proftpd Proftpd 1.2.4Proftpd Proftpd 1.2.5Proftpd Proftpd 1.2.6Proftpd Proftpd 1.2.7Proftpd Proftpd 1.2.8Proftpd Proftpd 1.2.9Proftpd Proftpd 1.2.10
6.8
CVSSv2

CVE-2010-4652

Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD prior to 1.3.3d, when mod_sql is enabled, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitut...
Proftpd ProftpdProftpd Proftpd 1.2.0Proftpd Proftpd 1.2.1Proftpd Proftpd 1.2.2Proftpd Proftpd 1.2.3Proftpd Proftpd 1.2.4Proftpd Proftpd 1.2.5Proftpd Proftpd 1.2.6Proftpd Proftpd 1.2.7Proftpd Proftpd 1.2.8Proftpd Proftpd 1.2.9Proftpd Proftpd 1.2.10
1.2
CVSSv2

CVE-2012-6095

ProFTPD prior to 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.
Proftpd ProftpdProftpd Proftpd 1.2.0Proftpd Proftpd 1.2.1Proftpd Proftpd 1.2.2Proftpd Proftpd 1.2.3Proftpd Proftpd 1.2.4Proftpd Proftpd 1.2.5Proftpd Proftpd 1.2.6Proftpd Proftpd 1.2.7Proftpd Proftpd 1.2.8Proftpd Proftpd 1.2.9Proftpd Proftpd 1.2.10
4
CVSSv2

CVE-2008-7265

The pr_data_xfer function in ProFTPD prior to 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.
Proftpd ProftpdProftpd Proftpd 1.2.0Proftpd Proftpd 1.2.1Proftpd Proftpd 1.2.2Proftpd Proftpd 1.2.3Proftpd Proftpd 1.2.4Proftpd Proftpd 1.2.5Proftpd Proftpd 1.2.6Proftpd Proftpd 1.2.7Proftpd Proftpd 1.2.8Proftpd Proftpd 1.2.9Proftpd Proftpd 1.2.10
7.5
CVSSv2

CVE-2005-4816

Buffer overflow in mod_radius in ProFTPD prior to 1.3.0rc2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
Proftpd Project Proftpd 1.2Proftpd Project Proftpd 1.2.0 Rc1Proftpd Project Proftpd 1.2.0 Rc2Proftpd Project Proftpd 1.2.0 Rc3Proftpd Project Proftpd 1.2.1Proftpd Project Proftpd 1.2.2Proftpd Project Proftpd 1.2.2 Rc1Proftpd Project Proftpd 1.2.2 Rc3Proftpd Project Proftpd 1.2.3Proftpd Project Proftpd 1.2.4Proftpd Project Proftpd 1.2.5Proftpd Project Proftpd 1.2.5 Rc1
6.4
CVSSv2

CVE-2005-2390

Multiple format string vulnerabilities in ProFTPD prior to 1.3.0rc2 allow malicious users to cause a denial of service or obtain sensitive information via (1) certain inputs to the shutdown message from ftpshut, or (2) the SQLShowInfo mod_sql directive.
Proftpd Project Proftpd 1.2.0 Pre9Proftpd Project Proftpd 1.2.0 Pre10Proftpd Project Proftpd 1.2.0 Rc1Proftpd Project Proftpd 1.2.0 Rc2Proftpd Project Proftpd 1.2.0 Rc3Proftpd Project Proftpd 1.2.1Proftpd Project Proftpd 1.2.1 FinalProftpd Project Proftpd 1.2.2Proftpd Project Proftpd 1.2.2 Rc1Proftpd Project Proftpd 1.2.2 Rc2Proftpd Project Proftpd 1.2.2 Rc3Proftpd Project Proftpd 1.2.3
7.1
CVSSv2

CVE-2010-3867

Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD prior to 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) S...
Proftpd Proftpd 1.2.10Proftpd Proftpd 1.3.0Proftpd Proftpd 1.3.1Proftpd Proftpd 1.3.2Proftpd Proftpd 1.3.3
7.5
CVSSv2

CVE-2001-1500

ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote malicious users to bypass ACLs or cause an incorrect client hostname to be logged.
Proftpd Project Proftpd 1.2Proftpd Project Proftpd 1.2.0 Rc3Proftpd Project Proftpd 1.2.1Proftpd Project Proftpd 1.2.2Proftpd Project Proftpd 1.2.2 Rc1Proftpd Project Proftpd 1.2.2 Rc2Proftpd Project Proftpd 1.2 Pre1Proftpd Project Proftpd 1.2 Pre2Proftpd Project Proftpd 1.2 Pre3Proftpd Project Proftpd 1.2 Pre4Proftpd Project Proftpd 1.2 Pre5Proftpd Project Proftpd 1.2 Pre6
5.8
CVSSv2

CVE-2009-3639

The mod_tls module in ProFTPD prior to 1.3.2b, and 1.3.3 prior to 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, which allows remo...
Proftpd ProftpdProftpd Proftpd 1.3.1Proftpd Proftpd 1.3.2Proftpd Proftpd 1.3.3
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-25291CVE-2025-29358download managervisual bacnet capture toolgolang.org/x/netCVE-2025-1429log injectioncodename065local usersCVE-2025-29359CVE-2025-27363CVE-2025-2104wireless
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook