Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proftpd vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-51713
make_ftp_cmd in main.c in ProFTPD prior to 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics.
Proftpd Proftpd
5.9
CVSSv3
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
9 Github repositories
1 Article
7.5
CVSSv3
CVE-2021-46854
mod_radius in ProFTPD prior to 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters.
Proftpd Proftpd
8.8
CVSSv3
CVE-2020-9273
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.
Proftpd Proftpd 1.3.7
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Siemens Simatic Net Cp 1545-1 Firmware -
Siemens Simatic Net Cp 1543-1 Firmware
3 Github repositories
7.5
CVSSv3
CVE-2020-9272
ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
Proftpd Proftpd
Siemens Simatic Net Cp 1543-1 Firmware
Siemens Simatic Net Cp 1545-1 Firmware
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
4.9
CVSSv3
CVE-2019-19269
An issue exists in tls_verify_crl in ProFTPD up to and including 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs ...
Proftpd Proftpd 1.3.6
Proftpd Proftpd
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2019-19270
An issue exists in tls_verify_crl in ProFTPD up to and including 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow ...
Proftpd Proftpd 1.3.6
Proftpd Proftpd
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2019-19271
An issue exists in tls_verify_crl in ProFTPD prior to 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been...
Proftpd Proftpd
7.5
CVSSv3
CVE-2019-19272
An issue exists in tls_verify_crl in ProFTPD prior to 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
Proftpd Proftpd
7.5
CVSSv3
CVE-2019-18217
ProFTPD prior to 1.3.6b and 1.3.7rc prior to 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
Proftpd Proftpd 1.3.6
Proftpd Proftpd 1.3.7
Proftpd Proftpd
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »