Vulnerabilities > Proftpd

DATE CVE VULNERABILITY TITLE RISK
2023-12-22 CVE-2023-51713 Out-of-bounds Read vulnerability in Proftpd
make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics.
network
low complexity
proftpd CWE-125
7.5
2023-12-18 CVE-2023-48795 Improper Validation of Integrity Check Value vulnerability in multiple products
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack.
5.9
2022-11-23 CVE-2021-46854 Memory Leak vulnerability in Proftpd
mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters.
network
low complexity
proftpd CWE-401
7.5
2020-02-20 CVE-2020-9273 Use After Free vulnerability in multiple products
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel.
8.8
2020-02-20 CVE-2020-9272 Out-of-bounds Read vulnerability in multiple products
ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
network
low complexity
proftpd siemens opensuse CWE-125
7.5
2019-11-30 CVE-2019-19269 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b.
network
low complexity
proftpd fedoraproject debian CWE-476
4.9
2019-11-26 CVE-2019-19272 NULL Pointer Dereference vulnerability in Proftpd
An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6.
network
low complexity
proftpd CWE-476
7.5
2019-11-26 CVE-2019-19271 Improper Certificate Validation vulnerability in Proftpd
An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6.
network
low complexity
proftpd CWE-295
7.5
2019-11-26 CVE-2019-19270 Improper Certificate Validation vulnerability in multiple products
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b.
network
low complexity
proftpd fedoraproject CWE-295
7.5
2019-10-21 CVE-2019-18217 Infinite Loop vulnerability in Proftpd
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
network
low complexity
proftpd CWE-835
7.5