Published: 09/11/2010 Updated: 18/03/2011

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

VMScore: 358

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

The pr_data_xfer function in ProFTPD prior to 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.

Vulnerable Product	Search on Vulmon	Subscribe to Product
proftpd proftpd 1.3.2
proftpd proftpd 1.3.0
proftpd proftpd 1.2.10
proftpd proftpd 1.2.9
proftpd proftpd 1.2.7
proftpd proftpd 1.2.5
proftpd proftpd 1.2.1
proftpd proftpd 1.2.0
proftpd proftpd 1.3.1
proftpd proftpd 1.2.8
proftpd proftpd 1.2.2
proftpd proftpd
proftpd proftpd 1.2.6
proftpd proftpd 1.2.4
proftpd proftpd 1.2.3

Several vulnerabilities have been discovered in ProFTPD, a versatile, virtual-hosting FTP daemon: CVE-2008-7265 Incorrect handling of the ABOR command could lead to denial of service through elevated CPU consumption CVE-2010-3867 Several directory traversal vulnerabilities have been discovered in the mod_site_misc module CVE-2010-456 ...

CWE-399 http://bugs.proftpd.org/show_bug.cgi?id=3131 http://www.debian.org/security/2011/dsa-2191 https://nvd.nist.gov https://www.debian.org/security/./dsa-2191

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-7265

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect