This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Proftpd First view 2001-03-12
Product Proftpd Last view 2020-02-20
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:proftpd:proftpd:1.3.2:*:*:*:*:*:*:* 16
cpe:2.3:a:proftpd:proftpd:1.3.2:c:*:*:*:*:*:* 16
cpe:2.3:a:proftpd:proftpd:1.3.2:a:*:*:*:*:*:* 16
cpe:2.3:a:proftpd:proftpd:1.3.2:b:*:*:*:*:*:* 16
cpe:2.3:a:proftpd:proftpd:1.3.1:*:*:*:*:*:*:* 16
cpe:2.3:a:proftpd:proftpd:1.3.2:rc4:*:*:*:*:*:* 16
cpe:2.3:a:proftpd:proftpd:1.3.2:d:*:*:*:*:*:* 16
cpe:2.3:a:proftpd:proftpd:1.3.2:rc3:*:*:*:*:*:* 16
cpe:2.3:a:proftpd:proftpd:1.3.2:e:*:*:*:*:*:* 16
cpe:2.3:a:proftpd:proftpd:1.3.0:rc2:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.0:rc3:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.1:rc1:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.2.0:rc2:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.0:*:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.0:rc1:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.3:rc1:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.2.10:*:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.1:rc3:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.0:a:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.2.10:rc3:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.2.10:rc1:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.0:rc5:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.1:rc2:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.2:rc2:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.0:rc4:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.2.10:rc2:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.3.2:rc1:*:*:*:*:*:* 15
cpe:2.3:a:proftpd:proftpd:1.2.7:*:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.8:*:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.2:*:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.0:rc3:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.3.3:a:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.8:rc2:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.2:rc2:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.4:*:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.0:rc1:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.3.3:b:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.2:rc3:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.9:rc3:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.7:rc3:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.3.3:rc3:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.6:rc1:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.3.3:*:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.7:rc1:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.6:*:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.7:rc2:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.6:rc2:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.3:*:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.2.9:rc1:*:*:*:*:*:* 14
cpe:2.3:a:proftpd:proftpd:1.3.3:rc2:*:*:*:*:*:* 14

Related : CVE

  Date Alert Description
8.8 2020-02-20 CVE-2020-9273

In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.

7.5 2020-02-20 CVE-2020-9272

ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.

4.9 2019-11-30 CVE-2019-19269

An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.

7.5 2019-11-26 CVE-2019-19272

An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initialized to NULL) leads to a crash when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.

7.5 2019-11-26 CVE-2019-19271

An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client certificate against CRL entries (installed by a system administrator), can cause some CRL entries to be ignored, and can allow clients whose certificates have been revoked to proceed with a connection to the server.

7.5 2019-11-26 CVE-2019-19270

An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server.

7.5 2019-10-21 CVE-2019-18217

ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.

9.8 2019-07-19 CVE-2019-12815

An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.

5.5 2017-04-04 CVE-2017-7418

ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link. The threat model includes an attacker who is not granted full filesystem access by a hosting provider, but can reconfigure the home directory of an FTP user.

7.5 2016-04-05 CVE-2016-3125

The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.

10 2015-05-18 CVE-2015-3306

The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.

5 2013-09-30 CVE-2013-4359

Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation.

1.2 2013-01-24 CVE-2012-6095

ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.

9 2011-12-06 CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.

5 2011-03-11 CVE-2011-1137

Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.

6.8 2011-02-01 CVE-2010-4652

Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query.

10 2010-11-09 CVE-2010-4221

Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.

7.1 2010-11-09 CVE-2010-3867

Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.

4 2010-11-09 CVE-2008-7265

The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.

5.8 2009-10-28 CVE-2009-3639

The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, which allows remote attackers to bypass intended client-hostname restrictions via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.

6.8 2009-02-12 CVE-2009-0543

ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.

5 2001-03-12 CVE-2001-0136

Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.

CWE : Common Weakness Enumeration

%idName
13% (3) CWE-399 Resource Management Errors
9% (2) CWE-476 NULL Pointer Dereference
9% (2) CWE-310 Cryptographic Issues
9% (2) CWE-295 Certificate Issues
9% (2) CWE-284 Access Control (Authorization) Issues
9% (2) CWE-189 Numeric Errors
9% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
4% (1) CWE-416 Use After Free
4% (1) CWE-362 Race Condition
4% (1) CWE-254 Security Features
4% (1) CWE-125 Out-of-bounds Read
4% (1) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...
4% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')
4% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...

Oval Markup Language : Definitions

OvalID Name
oval:org.mitre.oval:def:7963 DSA-1727 proftpd-dfsg -- SQL injection vulnerabilities
oval:org.mitre.oval:def:7391 DSA-1730 proftpd-dfsg -- SQL injection vulnerabilities
oval:org.mitre.oval:def:13553 DSA-1730-1 proftpd-dfsg -- SQL injection vulnerabilites
oval:org.mitre.oval:def:12886 DSA-1727-1 proftpd-dfsg -- SQL injection vulnerabilites
oval:org.mitre.oval:def:7684 DSA-1925 proftpd-dfsg -- insufficient input validation
oval:org.mitre.oval:def:13366 DSA-1925-1 proftpd-dfsg -- insufficient input validation
oval:org.mitre.oval:def:12814 DSA-2185-1 proftpd-dfsg -- integer overflow
oval:org.mitre.oval:def:19810 DSA-2606-1 proftpd-dfsg - symlink race
oval:org.mitre.oval:def:19988 DSA-2767-1 proftpd-dfsg - denial of service

SAINT Exploits

Description Link
ProFTPD mod_copy command execution More info here
ProFTPD Telnet IAC buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

id Description
77004 ProFTPD Use-After-Free Response Pool Allocation List Parsing Remote Memory Co...
70868 ProFTPD mod_sftp Component SSH Payload DoS
70782 ProFTPD contrib/mod_sql.c sql_prepare_where Function Crafted Username Handlin...
69200 ProFTPD pr_data_xfer Function ABOR Command Remote DoS
68988 ProFTPD mod_site_misc Module Multiple Command Traversal Arbitrary File Manipu...
68985 ProFTPD netio.c pr_netio_telnet_gets Function TELNET_IAC Escape Sequence Remo...
59292 ProFTPD mod_tls Module Certificate Authority (CA) subjectAltName Field Null B...
51954 ProFTPD Server NLS Support mod_sql_* Encoded Multibyte Character SQL Injectio...
51849 ProFTPD Character Encoding SQL Injection
7166 ProFTPD SIZE Command Memory Leak DoS
7165 ProFTPD USER Command Memory Leak DoS

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-09-10 Name : Slackware Advisory SSA:2012-041-04 proftpd
File : nvt/esoft_slk_ssa_2012_041_04.nasl
2012-04-02 Name : Fedora Update for proftpd FEDORA-2011-15765
File : nvt/gb_fedora_2011_15765_proftpd_fc16.nasl
2012-02-11 Name : Debian Security Advisory DSA 2346-1 (proftpd-dfsg)
File : nvt/deb_2346_1.nasl
2011-12-09 Name : Mandriva Update for proftpd MDVSA-2011:181 (proftpd)
File : nvt/gb_mandriva_MDVSA_2011_181.nasl
2011-11-21 Name : Fedora Update for proftpd FEDORA-2011-15741
File : nvt/gb_fedora_2011_15741_proftpd_fc14.nasl
2011-11-21 Name : Fedora Update for proftpd FEDORA-2011-15740
File : nvt/gb_fedora_2011_15740_proftpd_fc15.nasl
2011-11-15 Name : ProFTPD Prior To 1.3.3g Use-After-Free Remote Code Execution Vulnerability
File : nvt/gb_proftpd_50631.nasl
2011-05-12 Name : Debian Security Advisory DSA 2185-1 (proftpd-dfsg)
File : nvt/deb_2185_1.nasl
2011-05-12 Name : Debian Security Advisory DSA 2191-1 (proftpd-dfsg)
File : nvt/deb_2191_1.nasl
2011-04-21 Name : Fedora Update for proftpd FEDORA-2011-5040
File : nvt/gb_fedora_2011_5040_proftpd_fc14.nasl
2011-04-21 Name : Fedora Update for proftpd FEDORA-2011-5033
File : nvt/gb_fedora_2011_5033_proftpd_fc13.nasl
2011-02-11 Name : Mandriva Update for proftpd MDVSA-2011:023 (proftpd)
File : nvt/gb_mandriva_MDVSA_2011_023.nasl
2011-01-31 Name : Fedora Update for proftpd FEDORA-2011-0610
File : nvt/gb_fedora_2011_0610_proftpd_fc14.nasl
2011-01-31 Name : Fedora Update for proftpd FEDORA-2011-0613
File : nvt/gb_fedora_2011_0613_proftpd_fc13.nasl
2011-01-24 Name : FreeBSD Ports: proftpd
File : nvt/freebsd_proftpd7.nasl
2010-12-02 Name : Fedora Update for proftpd FEDORA-2010-17091
File : nvt/gb_fedora_2010_17091_proftpd_fc14.nasl
2010-11-30 Name : ProFTPD Denial of Service Vulnerability
File : nvt/gb_proftpd_dos_vuln.nasl
2010-11-30 Name : ProFTPD Multiple Remote Vulnerabilities
File : nvt/gb_proftpd_mult_vuln.nasl
2010-11-16 Name : Fedora Update for proftpd FEDORA-2010-17098
File : nvt/gb_fedora_2010_17098_proftpd_fc13.nasl
2010-11-16 Name : Fedora Update for proftpd FEDORA-2010-17220
File : nvt/gb_fedora_2010_17220_proftpd_fc12.nasl
2010-11-16 Name : Mandriva Update for proftpd MDVSA-2010:227 (proftpd)
File : nvt/gb_mandriva_MDVSA_2010_227.nasl
2009-12-30 Name : Fedora Core 11 FEDORA-2009-13236 (proftpd)
File : nvt/fcore_2009_13236.nasl
2009-11-23 Name : Fedora Core 10 FEDORA-2009-11666 (proftpd)
File : nvt/fcore_2009_11666.nasl
2009-11-23 Name : Fedora Core 11 FEDORA-2009-11649 (proftpd)
File : nvt/fcore_2009_11649.nasl
2009-11-11 Name : Debian Security Advisory DSA 1925-1 (proftpd-dfsg)
File : nvt/deb_1925_1.nasl

Snort® IPS/IDS

Date Description
2015-06-17 ProFTPD mod_copy unauthenticated file copy attempt
RuleID : 34447 - Type : POLICY-OTHER - Revision : 4
2015-05-28 ProFTPD mod_copy remote code execution attempt
RuleID : 34225 - Type : PROTOCOL-FTP - Revision : 5
2014-01-10 ProFTPD mod_site_misc module directory traversal attempt
RuleID : 18326 - Type : PROTOCOL-FTP - Revision : 7

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-07-28 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_770d7e9172af11e7998a08606e47f965.nasl - Type: ACT_GATHER_INFO
2017-07-17 Name: The remote Fedora host is missing a security update.
File: fedora_2017-5a01498b4b.nasl - Type: ACT_GATHER_INFO
2017-04-24 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2017-112-03.nasl - Type: ACT_GATHER_INFO
2017-04-20 Name: The remote Fedora host is missing a security update.
File: fedora_2017-c6f424c3ff.nasl - Type: ACT_GATHER_INFO
2017-04-19 Name: The remote Fedora host is missing a security update.
File: fedora_2017-e15e37b689.nasl - Type: ACT_GATHER_INFO
2017-04-18 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-481.nasl - Type: ACT_GATHER_INFO
2016-06-14 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-713.nasl - Type: ACT_GATHER_INFO
2016-05-20 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-603.nasl - Type: ACT_GATHER_INFO
2016-04-21 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_a733b5ca06eb11e6817f3085a9a4510d.nasl - Type: ACT_GATHER_INFO
2016-03-28 Name: The remote Fedora host is missing a security update.
File: fedora_2016-ac3587be9a.nasl - Type: ACT_GATHER_INFO
2016-03-21 Name: The remote Fedora host is missing a security update.
File: fedora_2016-977d57cf2d.nasl - Type: ACT_GATHER_INFO
2016-03-21 Name: The remote Fedora host is missing a security update.
File: fedora_2016-f95d8ea3ad.nasl - Type: ACT_GATHER_INFO
2015-06-16 Name: The remote host is running a ProFTPD module that is affected by an informatio...
File: proftpd_1_3_5_info_disc.nasl - Type: ACT_ATTACK
2015-06-12 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2015-410.nasl - Type: ACT_GATHER_INFO
2015-05-21 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_d0034536ff2411e4a072d050996490d0.nasl - Type: ACT_GATHER_INFO
2015-05-20 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3263.nasl - Type: ACT_GATHER_INFO
2015-05-11 Name: The remote Fedora host is missing a security update.
File: fedora_2015-7086.nasl - Type: ACT_GATHER_INFO
2015-05-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-6401.nasl - Type: ACT_GATHER_INFO
2015-05-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-7164.nasl - Type: ACT_GATHER_INFO
2015-04-22 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2015-111-12.nasl - Type: ACT_GATHER_INFO
2015-01-19 Name: The remote Solaris system is missing a security patch for third-party software.
File: solaris11_proftpd_20130924.nasl - Type: ACT_GATHER_INFO
2015-01-19 Name: The remote Solaris system is missing a security patch for third-party software.
File: solaris11_proftpd_20120119.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2013-778.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2011-19.nasl - Type: ACT_GATHER_INFO
2013-10-15 Name: The remote ProFTP daemon is affected by a buffer overflow vulnerability.
File: proftpd_rce.nasl - Type: ACT_DESTRUCTIVE_ATTACK