Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proftpd vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1849
inftrees.h in zlib 1.2.2 allows remote malicious users to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
Zlib Zlib 1.2.2
NA
CVE-2005-2096
zlib 1.2 and later versions allows remote malicious users to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
Zlib Zlib 1.2.1
Zlib Zlib 1.2.0
Zlib Zlib 1.2.2
NA
CVE-2005-0484
Format string vulnerability in gprostats for GProFTPD prior to 8.1.9 may allow remote malicious users to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log.
Gproftpd Gproftpd
NA
CVE-2004-1602
ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote malicious users to identify valid usernames by timing the server response.
Proftpd Proftpd
1 EDB exploit
NA
CVE-2004-0432
ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.
Proftpd Project Proftpd 1.2.9
Gentoo Linux 1.1a
Gentoo Linux 1.2
Gentoo Linux 1.4
Trustix Secure Linux 2.0
Gentoo Linux 0.5
Gentoo Linux 0.7
Trustix Secure Linux 2.1
NA
CVE-2003-0831
ProFTPD 1.2.7 up to and including 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote malicious users to execute arbitrary code via a buffer overflow using certain files.
Proftpd Project Proftpd 1.2.7
Proftpd Project Proftpd 1.2.9 Rc2
Proftpd Project Proftpd 1.2.8 Rc2
Proftpd Project Proftpd 1.2.9 Rc1
Proftpd Project Proftpd 1.2.7 Rc1
Proftpd Project Proftpd 1.2.7 Rc2
Proftpd Project Proftpd 1.2.7 Rc3
Proftpd Project Proftpd 1.2.8
Proftpd Project Proftpd 1.2.8 Rc1
3 EDB exploits
NA
CVE-2003-0500
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD prior to 1.2.9rc1 allows remote malicious users to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.
Proftpd Project Proftpd 1.2.9 Rc1
1 EDB exploit
NA
CVE-2001-1500
ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote malicious users to bypass ACLs or cause an incorrect client hostname to be logged.
Proftpd Project Proftpd 1.2 Pre10
Proftpd Project Proftpd 1.2 Pre11
Proftpd Project Proftpd 1.2 Pre8
Proftpd Project Proftpd 1.2 Pre9
Proftpd Project Proftpd 1.2.2 Rc1
Proftpd Project Proftpd 1.2.2 Rc2
Proftpd Project Proftpd 1.2 Pre1
Proftpd Project Proftpd 1.2 Pre6
Proftpd Project Proftpd 1.2 Pre7
Proftpd Project Proftpd 1.2
Proftpd Project Proftpd 1.2.0 Rc3
Proftpd Project Proftpd 1.2 Pre2
Proftpd Project Proftpd 1.2 Pre3
Proftpd Project Proftpd 1.2.1
Proftpd Project Proftpd 1.2.2
Proftpd Project Proftpd 1.2 Pre4
Proftpd Project Proftpd 1.2 Pre5
NA
CVE-2001-1501
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote malicious users to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple...
Proftpd Project Proftpd 1.2.1
1 EDB exploit
NA
CVE-2001-0456
postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
Debian Debian Linux 2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »