Proftpd : Security Vulnerabilities, CVEs, Published In 2010
CVE-2010-4221
Public exploit
Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.
Max CVSS
10.0
EPSS Score
96.41%
Published
2010-11-09
Updated
2011-09-15
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
Max CVSS
7.1
EPSS Score
0.57%
Published
2010-11-09
Updated
2011-09-15
The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.
Max CVSS
4.0
EPSS Score
0.15%
Published
2010-11-09
Updated
2011-03-18
3 vulnerabilities found