Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proftpd project vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2006-6170
Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3.0a and previous versions, and possibly other products, allows remote malicious users to execute arbitrary code via a large data length argument, a different vulnerability than CVE-...
Proftpd Project Proftpd
668
VMScore
CVE-2006-6171
ProFTPD 1.3.0a and previous versions does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-...
Proftpd Project Proftpd
1000
VMScore
CVE-2003-0500
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD prior to 1.2.9rc1 allows remote malicious users to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.
Proftpd Project Proftpd 1.2.9 Rc1
1 EDB exploit
668
VMScore
CVE-2001-0318
Format string vulnerability in ProFTPD 1.2.0rc2 may allow malicious users to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd).
Proftpd Project Proftpd 1.2.0 Rc2
505
VMScore
CVE-2001-1501
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote malicious users to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an ls command with multiple...
Proftpd Project Proftpd 1.2.1
1 EDB exploit
409
VMScore
CVE-1999-1475
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
Proftpd Project Proftpd 1.2
605
VMScore
CVE-2008-4242
ProFTPD 1.3.1 interprets long commands from an FTP client as multiple commands, which allows remote malicious users to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client...
Proftpd Project Proftpd 1.3.1
685
VMScore
CVE-2009-0543
ProFTPD Server 1.3.1, with NLS support enabled, allows remote malicious users to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
Proftpd Proftpd 1.3.1
1 EDB exploit
1 Github repository
668
VMScore
CVE-2004-0432
ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.
Proftpd Project Proftpd 1.2.9
Gentoo Linux 1.1a
Gentoo Linux 1.2
Gentoo Linux 1.4
Trustix Secure Linux 2.0
Gentoo Linux 0.5
Gentoo Linux 0.7
Trustix Secure Linux 2.1
1000
VMScore
CVE-1999-0368
Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.
Washington University Wu-ftpd 2.4.2 Beta18 Vr9
Proftpd Project Proftpd 1.2 Pre1
Washington University Wu-ftpd 2.4.2 Beta18
Sco Openserver 5.0
Slackware Slackware Linux 3.5
Redhat Linux 5.1
Slackware Slackware Linux 3.4
Redhat Linux 5.0
Sco Openserver 5.0.2
Sco Openserver 5.0.5
Slackware Slackware Linux 3.6
Sco Unixware 7.0
Debian Debian Linux 2.0
Sco Openserver 5.0.3
Sco Unixware 7.0.1
Sco Openserver 5.0.4
Caldera Openlinux 1.3
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »