1.2.9

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

proftpd

CWE-193

NVD

Published: 2004-11-23

Updated: 2024-02-02

Summary

Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command.

Vulnerable Configurations

Part	Description	Count
Application	Proftpd Proftpd Proftpd 1.2.9 Proftpd Proftpd 1.2.7 Proftpd Proftpd 1.2.8	10

Common Weakness Enumeration (CWE)

CWE-193 - Off-by-one Error

References

http://www.securityfocus.com/bid/9782
http://marc.info/?l=bugtraq&m=107824679817240&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/15387