Page 6 of 28 results (0.021 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1

Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command. • http://marc.info/?l=bugtraq&m=107824679817240&w=2 http://www.securityfocus.com/bid/9782 https://exchange.xforce.ibmcloud.com/vulnerabilities/15387 • CWE-193: Off-by-one Error •

CVSS: 9.0EPSS: 13%CPEs: 9EXPL: 3

ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files. ProFTPD 1.2.7 a 1.2.9rc2 no traduce adecuadamente los caractéres de nueva línea cuando transfiere caractéres en modo ASCII, permite a atancantes remotos ejecutar código arbitrario mediante un desbordamiento de búfer usando ciertos ficheros. • https://www.exploit-db.com/exploits/23170 https://www.exploit-db.com/exploits/110 https://www.exploit-db.com/exploits/107 http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012072.html http://marc.info/?l=bugtraq&m=106441655617816&w=2 http://marc.info/?l=bugtraq&m=106606885611269&w=2 http://secunia.com/advisories/9829 http://www.kb.cert.org/vuls/id/405348 http://www.mandriva.com/security/advisories?name=MDKSA-2003:095 http://xforce.iss.net/xfo • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0

ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000450 http://www.mandriva.com/security/advisories?name=MDKSA-2002:005 http://www.securityfocus.com/archive/1/212805 http://www.securityfocus.com/bid/3310 https://exchange.xforce.ibmcloud.com/vulnerabilities/7126 •