Vulnerabilities > Proftpd > Proftpd > 1.3.5

DATE CVE VULNERABILITY TITLE RISK
2016-04-05 CVE-2016-3125 Cryptographic Issues vulnerability in multiple products
The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.
network
low complexity
proftpd opensuse fedoraproject CWE-310
5.0
5.0
2015-05-18 CVE-2015-3306 Improper Access Control vulnerability in Proftpd 1.3.5
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
network
low complexity
proftpd CWE-284
critical
 10.0
10
2013-09-30 CVE-2013-4359 Numeric Errors vulnerability in Proftpd 1.3.4/1.3.5
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation.
network
low complexity
proftpd CWE-189
5.0
5.0