CVSS: 9.8EPSS: 84%CPEs: 79EXPL: 3CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •
CVSS: 4.9EPSS: 1%CPEs: 11EXPL: 0CVE-2019-19269 – Gentoo Linux Security Advisory 202003-35
https://notcve.org/view.php?id=CVE-2019-19269
26 Nov 2019 — An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup. Se detectó un problema en tls_verify_crl en ProFTPD versiones hasta 1.3.6b. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-19270
https://notcve.org/view.php?id=CVE-2019-19270
26 Nov 2019 — An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server. Se detectó un problema en la función tls_verify_crl en ProFTPD versiones hasta 1.3.6b. Un fallo en la comprobación del campo apropiado de una entra... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 1CVE-2019-18217 – Gentoo Linux Security Advisory 202003-35
https://notcve.org/view.php?id=CVE-2019-18217
21 Oct 2019 — ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop. ProFTPD versiones anteriores a 1.3.6b y versiones 1.3.7rc anteriores a 1.3.7rc2, permite una denegación de servicio remota no autenticada debido al manejo incorrecto de comandos demasiado largos porque el archivo main.c en un proceso secundario entra en un bucle infinito. Multiple vulnerabilities have be... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-7418 – Slackware Security Advisory - proftpd Updates
https://notcve.org/view.php?id=CVE-2017-7418
04 Apr 2017 — ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link. The threat model includes an attacker who is not granted full filesystem access by a hosting provider, but ... • http://bugs.proftpd.org/show_bug.cgi?id=4295 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-3125
https://notcve.org/view.php?id=CVE-2016-3125
05 Apr 2016 — The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors. El módulo mod_tls en ProFTPD en versiones anteriores a 1.3.5b y 1.3.6 en versiones anteriores a 1.3.6rc2 no maneja correctamente la directiva TLSDHParamFile, lo cual puede causar que se utilice una clave Diffie-Hellman (DH) más dé... • http://bugs.proftpd.org/show_bug.cgi?id=4230 • CWE-254: 7PK - Security Features CWE-310: Cryptographic Issues •