CVE-2006-6170
https://notcve.org/view.php?id=CVE-2006-6170
Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815. Desbordamiento de búfer en la función tls_x509_name_oneline en el módulo mod_tls, tal y como se usa en ProFTPD 1.3.0a y versiones anteriores, y posiblemente otros productos, permite a atacantes remotos ejecutar código de su elección mediante un argumento con datos de gran longitud. Vulnerabilidad distinta a CVE-2006-5815. • http://elegerov.blogspot.com/2006/10/do-you-remember-2-years-old-overflow.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050935.html http://secunia.com/advisories/23141 http://secunia.com/advisories/23174 http://secunia.com/advisories/23179 http://secunia.com/advisories/23184 http://secunia.com/advisories/23207 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491 http://www.debian.org/security/2006/dsa-1222 http:/ •
CVE-2006-6171
https://notcve.org/view.php?id=CVE-2006-6171
ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an error stemming from a vague initial disclosure. NOTE: ProFTPD developers dispute this issue, saying that the relevant memory location is overwritten by assignment before further use within the affected function, so this is not a vulnerability ** IMPUGNADO ** ProFTPD 1.3.0a y versiones anteriores no asigna apropiadamente el límite del búfer cuando se especifica CommandBufferSize en el fichero de configuración, lo que conduce a un desbordamiento inferior de búfer por superación de límite (off-by-twho). NOTA: En Noviembre de 2006, el rol de CommandBufferSize fue originalmente asociado con CVE-2006-5815, lo cual fue erroneo debido a un vago descubrimiento inicial. NOTA: Los desarrolladores de ProFTPD impugnaron esta vulnerabilidad, diciendo que la ubicación de memoria es sobre-escrita por asignación antes de ser usada con la función afectada, así que no es una vulnerabilidad. • http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&sortby=date http://secunia.com/advisories/23174 http://secunia.com/advisories/23179 http://secunia.com/advisories/23184 http://secunia.com/advisories/23207 http://secunia.com/advisories/23329 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491 http://www.debian.org/security/2006/dsa-1218 http://www.debian.org/security/2006/dsa-1222 http://www.gentoo •
CVE-2006-5815 – ProFTPd 1.2 < 1.3.0 (Linux) - 'sreplace' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-5815
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit." Desbordamiento de búfer basado en pila en la función sreplace en ProFTPD 1.3.0 y anteriores permite a atacantes remotos, probablemente autentificados, provocar denegación de servicio y ejecutar código de su elección, como se demostró con vd_proftpd.pm, un "exploit remoto ProFTPD". • https://www.exploit-db.com/exploits/16852 https://www.exploit-db.com/exploits/2856 http://bugs.proftpd.org/show_bug.cgi?id=2858 http://gleg.net/vulndisco_meta.shtml http://secunia.com/advisories/22803 http://secunia.com/advisories/22821 http://secunia.com/advisories/23000 http://secunia.com/advisories/23069 http://secunia.com/advisories/23125 http://secunia.com/advisories/23174 http://secunia.com/advisories/23179 http://secunia.com/advisories/23184 http://secunia& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-4816
https://notcve.org/view.php?id=CVE-2005-4816
Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password. • http://archives.neohapsis.com/archives/dailydave/2006-q1/0122.html http://bugs.proftpd.org/show_bug.cgi?id=2658 http://www.debian.org/security/2007/dsa-1245 http://www.osvdb.org/23063 http://www.securityfocus.com/bid/16535 •
CVE-2005-2390
https://notcve.org/view.php?id=CVE-2005-2390
Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via (1) certain inputs to the shutdown message from ftpshut, or (2) the SQLShowInfo mod_sql directive. Múltiples vulnerabilidades de formateo de cadenas en ProFTPD anterior a la 1..3.0rc2 permite que atacantes causen una denegación de servicio u obtengan información confidencial mediante: 1) ciertos inputs al mensaje de apagado de ftpshut o 2) la directiva SQLShowInfo mod_sql • http://marc.info/?l=bugtraq&m=112604373503912&w=2 http://secunia.com/advisories/16181 http://www.debian.org/security/2005/dsa-795 http://www.proftpd.org/docs/RELEASE_NOTES-1.3.0rc2 http://www.securityfocus.com/bid/14380 http://www.securityfocus.com/bid/14381 •