Proftpd Project » Proftpd : Security Vulnerabilities, CVEs, Published In 2003
ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files.
Max CVSS
9.0
EPSS Score
13.38%
Published
2003-11-17
Updated
2017-10-05
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.
Max CVSS
10.0
EPSS Score
0.21%
Published
2003-08-07
Updated
2008-09-05
2 vulnerabilities found