CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-48651 – Debian Security Advisory 5827-1
https://notcve.org/view.php?id=CVE-2024-48651
29 Nov 2024 — In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from mod_sql. Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that the transport protocol implementation in ProFTPD had weak integrity checks. An attacker could use this vulnerability to bypass security features like encryption and integrity checks. Martin Mirchev discovered that ProFTPD did not properly validate user input over the network. An a... • https://github.com/proftpd/proftpd/commit/cec01cc0a2523453e5da5a486bc6d977c3768db1 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 2CVE-2023-51713 – Ubuntu Security Notice USN-7297-1
https://notcve.org/view.php?id=CVE-2023-51713
22 Dec 2023 — make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics. make_ftp_cmd en main.c en ProFTPD anterior a 1.3.8a tiene una lectura fuera de los límites de un byte y el daemon falla debido a un mal manejo de las semánticas de quote/backslash. Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that the transport protocol implementation in ProFTPD had weak integrity checks. An attacker could use this vulnera... • https://github.com/proftpd/proftpd/blob/1.3.8/NEWS • CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 67%CPEs: 79EXPL: 3CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2021-46854 – Gentoo Linux Security Advisory 202305-03
https://notcve.org/view.php?id=CVE-2021-46854
23 Nov 2022 — mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters. mod_radius en ProFTPD anterior a 1.3.7c permite la divulgación de memoria a servidores RADIUS porque copia bloques de 16 caracteres. A vulnerability has been discovered in ProFTPd which could result in memory disclosure. Versions less than 1.3.7c are affected. • http://www.proftpd.org/docs/RELEASE_NOTES-1.3.7e • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.0EPSS: 50%CPEs: 13EXPL: 1CVE-2020-9273 – Debian Security Advisory 4635-1
https://notcve.org/view.php?id=CVE-2020-9273
20 Feb 2020 — In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution. En ProFTPD versión 1.3.7, es posible corromper los grupos de memoria mediante la interrupción del canal de transferencia de datos. Esto conlleva a un uso de la memoria previamente liberada en la función alloc_pool en el archivo pool.c, y una posible ejecución de código remota. Antonio Morales discovered an user-afte... • https://github.com/ptef/CVE-2020-9273 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-9272 – Gentoo Linux Security Advisory 202003-35
https://notcve.org/view.php?id=CVE-2020-9272
20 Feb 2020 — ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function. ProFTPD versión 1.3.7, presenta una vulnerabilidad de lectura fuera de límites (OOB) en mod_cap por medio de la función cap_to_text del archivo cap_text.c. Multiple vulnerabilities have been found in ProFTPd, the worst of which may lead to arbitrary code execution. Versions less than 1.3.6c are affected. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00002.html • CWE-125: Out-of-bounds Read •
CVSS: 4.9EPSS: 2%CPEs: 11EXPL: 0CVE-2019-19269 – Gentoo Linux Security Advisory 202003-35
https://notcve.org/view.php?id=CVE-2019-19269
26 Nov 2019 — An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup. Se detectó un problema en tls_verify_crl en ProFTPD versiones hasta 1.3.6b. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-19270
https://notcve.org/view.php?id=CVE-2019-19270
26 Nov 2019 — An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server. Se detectó un problema en la función tls_verify_crl en ProFTPD versiones hasta 1.3.6b. Un fallo en la comprobación del campo apropiado de una entra... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19271
https://notcve.org/view.php?id=CVE-2019-19271
26 Nov 2019 — An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been revoked to proceed with a connection to the server. Se detectó un problema en la función tls_verify_crl en ProFTPD versiones anteriores a 1.3.6. Una variable de iteración errónea, utilizada cuando se comprueba un certificado ... • https://github.com/proftpd/proftpd/issues/860 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19272
https://notcve.org/view.php?id=CVE-2019-19272
26 Nov 2019 — An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup. Se detectó un problema en la función tls_verify_crl en ProFTPD versiones anteriores a 1.3.6. Una desreferencia directa de un puntero NULL (una variable inicializada en NULL) conlleva a un bloqueo al comprobar el certificado de un cliente... • https://github.com/proftpd/proftpd/issues/858 • CWE-476: NULL Pointer Dereference •