Proftpd Project : Security Vulnerabilities, CVEs, Published In 2006 (Code Execution)
Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.
Max CVSS
6.6
EPSS Score
0.18%
Published
2006-12-15
Updated
2018-10-17
Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815.
Max CVSS
7.5
EPSS Score
30.68%
Published
2006-11-30
Updated
2018-10-17
CVE-2006-5815
Public exploit
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."
Max CVSS
10.0
EPSS Score
52.78%
Published
2006-11-08
Updated
2018-10-17
3 vulnerabilities found