CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 2CVE-2023-51713 – Ubuntu Security Notice USN-7297-1
https://notcve.org/view.php?id=CVE-2023-51713
22 Dec 2023 — make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics. make_ftp_cmd en main.c en ProFTPD anterior a 1.3.8a tiene una lectura fuera de los límites de un byte y el daemon falla debido a un mal manejo de las semánticas de quote/backslash. Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that the transport protocol implementation in ProFTPD had weak integrity checks. An attacker could use this vulnera... • https://github.com/proftpd/proftpd/blob/1.3.8/NEWS • CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 69%CPEs: 79EXPL: 3CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2021-46854 – Gentoo Linux Security Advisory 202305-03
https://notcve.org/view.php?id=CVE-2021-46854
23 Nov 2022 — mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters. mod_radius en ProFTPD anterior a 1.3.7c permite la divulgación de memoria a servidores RADIUS porque copia bloques de 16 caracteres. A vulnerability has been discovered in ProFTPd which could result in memory disclosure. Versions less than 1.3.7c are affected. • http://www.proftpd.org/docs/RELEASE_NOTES-1.3.7e • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.0EPSS: 50%CPEs: 13EXPL: 1CVE-2020-9273 – Debian Security Advisory 4635-1
https://notcve.org/view.php?id=CVE-2020-9273
20 Feb 2020 — In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution. En ProFTPD versión 1.3.7, es posible corromper los grupos de memoria mediante la interrupción del canal de transferencia de datos. Esto conlleva a un uso de la memoria previamente liberada en la función alloc_pool en el archivo pool.c, y una posible ejecución de código remota. Antonio Morales discovered an user-afte... • https://github.com/ptef/CVE-2020-9273 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 1CVE-2019-18217 – Gentoo Linux Security Advisory 202003-35
https://notcve.org/view.php?id=CVE-2019-18217
21 Oct 2019 — ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop. ProFTPD versiones anteriores a 1.3.6b y versiones 1.3.7rc anteriores a 1.3.7rc2, permite una denegación de servicio remota no autenticada debido al manejo incorrecto de comandos demasiado largos porque el archivo main.c en un proceso secundario entra en un bucle infinito. Multiple vulnerabilities have be... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •