Vulnerabilities
Vulnerable Software
Proftpd:  >> Proftpd  >> 1.3.5  Security Vulnerabilities
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
CVSS Score
7.5
EPSS Score
0.195
Published
2019-10-21
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
CVSS Score
9.8
EPSS Score
0.576
Published
2019-07-19
The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.
CVSS Score
7.5
EPSS Score
0.07
Published
2016-04-05
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
CVSS Score
10.0
EPSS Score
0.968
Published
2015-05-18
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation.
CVSS Score
5.0
EPSS Score
0.03
Published
2013-09-30


Contact Us

Shodan ® - All rights reserved