ProFTPD: Security Vulnerabilities, CVEs, Published in 2011 (Denial of service)
Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.
Max CVSS: 5.0 | EPSS Score: 6.68% | Published: 2011-03-11 | Updated: 2011-09-07
Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query.
Max CVSS: 6.8 | EPSS Score: 25.63% | Published: 2011-02-02 | Updated: 2011-03-18
2 vulnerabilities found