Vulnerabilities > Proftpd > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-07-19 CVE-2019-12815 Improper Handling of Exceptional Conditions vulnerability in multiple products
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
network
low complexity
proftpd fedoraproject debian siemens CWE-755
critical
9.8
2015-05-18 CVE-2015-3306 Improper Access Control vulnerability in Proftpd 1.3.5
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
network
low complexity
proftpd CWE-284
critical
10.0
2011-12-06 CVE-2011-4130 Resource Management Errors vulnerability in Proftpd
Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.
network
low complexity
proftpd CWE-399
critical
9.0
2010-11-09 CVE-2010-4221 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Proftpd 1.3.2/1.3.3
Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.
network
low complexity
proftpd CWE-119
critical
10.0