CVE-2015-3306

ProFTPd 1.3.5 - 'mod_copy' Command Execution

Severity Score

10.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.

El módulo mod_copy en ProFTPD 1.3.5 permite a atacantes remotos leer y escribir en ficheros arbitrarios a través de los comandos site cpfr y site cpto.

*Credits: N/A

CVSS Scores

NISTv2 10.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-04-15 CVE Reserved
2015-04-18 CVE Published
2015-06-10 First Exploit
2024-04-24 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-284: Improper Access Control

CAPEC

References (20)

URL	Tag	Source
http://packetstormsecurity.com/files/131505/ProFTPd-1.3.5-File-Copy.html	X_refsource_misc
http://packetstormsecurity.com/files/131555/ProFTPd-1.3.5-Remote-Command-Execution.html	X_refsource_misc
http://packetstormsecurity.com/files/131567/ProFTPd-CPFR-CPTO-Proof-Of-Concept.html	X_refsource_misc
http://packetstormsecurity.com/files/132218/ProFTPD-1.3.5-Mod_Copy-Command-Execution.html	X_refsource_misc
http://packetstormsecurity.com/files/162777/ProFTPd-1.3.5-Remote-Command-Execution.html	X_refsource_misc
http://www.rapid7.com/db/modules/exploit/unix/ftp/proftpd_modcopy_exec	X_refsource_misc
http://www.securityfocus.com/bid/74238	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/37262	2015-06-10
https://www.exploit-db.com/exploits/36803	2024-08-06
https://www.exploit-db.com/exploits/49908	2021-05-26
https://www.exploit-db.com/exploits/36742	2024-08-06
https://github.com/t0kx/exploit-CVE-2015-3306	2017-01-08
https://github.com/davidtavarez/CVE-2015-3306	2017-07-29
https://github.com/cd6629/CVE-2015-3306-Python-PoC	2020-12-24
https://github.com/cdedmondson/Modified-CVE-2015-3306-Exploit	2020-05-15

URL	Date	SRC

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157053.html	2021-05-26
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157054.html	2021-05-26
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157581.html	2021-05-26
http://lists.opensuse.org/opensuse-updates/2015-06/msg00020.html	2021-05-26
http://www.debian.org/security/2015/dsa-3263	2021-05-26

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Proftpd Search vendor "Proftpd"		Proftpd Search vendor "Proftpd" for product "Proftpd"				1.3.5 Search vendor "Proftpd" for product "Proftpd" and version "1.3.5"		-		Affected