Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proftpd vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-3306
The mod_copy module in ProFTPD 1.3.5 allows remote malicious users to read and write to arbitrary files via the site cpfr and site cpto commands.
Proftpd Proftpd 1.3.5
3 EDB exploits
13 Github repositories
6.8
CVSSv2
CVE-2009-0543
ProFTPD Server 1.3.1, with NLS support enabled, allows remote malicious users to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
Proftpd Proftpd 1.3.1
1 EDB exploit
1 Github repository
5.1
CVSSv2
CVE-2007-2165
The Auth API in ProFTPD prior to 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote malicious users to bypas...
Proftpd Project Proftpd
10
CVSSv2
CVE-2006-5815
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and previous versions allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."
Proftpd Project Proftpd
2 EDB exploits
10
CVSSv2
CVE-2003-0500
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD prior to 1.2.9rc1 allows remote malicious users to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.
Proftpd Project Proftpd 1.2.9 Rc1
1 EDB exploit
7.5
CVSSv2
CVE-2001-0318
Format string vulnerability in ProFTPD 1.2.0rc2 may allow malicious users to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd).
Proftpd Project Proftpd 1.2.0 Rc2
6.8
CVSSv2
CVE-2008-4242
ProFTPD 1.3.1 interprets long commands from an FTP client as multiple commands, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client...
Proftpd Project Proftpd 1.3.1
4.6
CVSSv2
CVE-1999-1475
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
Proftpd Project Proftpd 1.2
5
CVSSv2
CVE-2001-1501
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote malicious users to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple...
Proftpd Project Proftpd 1.2.1
1 EDB exploit
5
CVSSv2
CVE-2001-0136
Memory leak in ProFTPd 1.2.0rc2 allows remote malicious users to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
Proftpd Proftpd 1.2.0
Mandrakesoft Mandrake Linux 7.2
Debian Debian Linux 2.2
Conectiva Linux
3 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »