CVE-2006-5815

Properties

Published:
07.11.2006
Updated:
30.11.2006
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
Product:
ProFTPD Project: ProFTPD

Vulnerability description

Buffer overflow in ProFTPD 1.3.0 and earlier, when configured to use the CommandBufferSize directive, allows remote attackers to cause a denial of service, as demonstrated by vd_proftpd.pm, a"ProFTPD remote exploit."

References:

http://gleg.net/vulndisco_meta.shtml: http://gleg.net/vulndisco_meta.shtml
SECTRACK: http://securitytracker.com/id?1017167
BID: http://www.securityfocus.com/bid/20992
FRSIRT: http://www.frsirt.com/english/advisories/2006/4451
SECUNIA: http://secunia.com/advisories/22803
XF: http://xforce.iss.net/xforce/xfdb/30147
DEBIAN: http://www.debian.org/security/2006/dsa-1218
OPENPKG: http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.035-proftpd.html
MANDRIVA: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:217
SECUNIA: http://secunia.com/advisories/22821
SECUNIA: http://secunia.com/advisories/23000
SECUNIA: http://secunia.com/advisories/23069