CVE-2006-5815 : Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably auth

Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."

Published 2006-11-08 23:07:00

Updated 2018-10-17 21:45:15

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute codeDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2006-5815

Probability of exploitation activity in the next 30 days: 54.09%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2006-5815

ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux)

Disclosure Date: 2006-11-26

First seen: 2020-04-26

exploit/linux/ftp/proftp_sreplace

This module exploits a stack-based buffer overflow in versions 1.2 through 1.3.0 of ProFTPD server. The vulnerability is within the "sreplace" function within the "src/support.c" file. The off-by-one heap overflow bug in the ProFTPD sreplace function has been

More information

CVSS scores for CVE-2006-5815

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2006-5815

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2006-5815

http://www.vupen.com/english/advisories/2006/4451

Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820

214820 – (CVE-2006-5815) CVE-2006-5815: proftpd unspecified vulnerability

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDKSA-2006:217
http://www.trustix.org/errata/2006/0070

Trustix | Empowering Trust and Security in the Digital Age

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/30147
http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1

Advisories - Mandriva Linux

CVEs referencing this url
http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml

ProFTPD: Remote execution of arbitrary code (GLSA 200611-26) — Gentoo security

CVEs referencing this url
http://www.debian.org/security/2006/dsa-1222

[SECURITY] [DSA 1222-1] New proftpd packages fix several vulnerabilities

CVEs referencing this url
http://bugs.proftpd.org/show_bug.cgi?id=2858

Bug 2858 – CVE-2006-5815: remote code execution in ProFTPD
http://securitytracker.com/id?1017167
http://www.securityfocus.com/bid/20992

ProFTPD SReplace Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/archive/1/452760/100/200/threaded
http://www.trustix.org/errata/2006/0066/

Trustix | Empowering Trust and Security in the Digital Age

CVEs referencing this url
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.035-proftpd.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491

CVEs referencing this url

Products affected by CVE-2006-5815

Proftpd Project » Proftpd
Versions up to, including, (<=) 1.3.0
cpe:2.3:a:proftpd_project:proftpd:*:*:*:*:*:*:*:*
Matching versions