Vulnerabilities > Proftpd > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-22 | CVE-2023-51713 | Out-of-bounds Read vulnerability in Proftpd make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics. | 7.5 |
2022-11-23 | CVE-2021-46854 | Memory Leak vulnerability in Proftpd mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters. | 7.5 |
2020-02-20 | CVE-2020-9273 | Use After Free vulnerability in multiple products In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. | 8.8 |
2020-02-20 | CVE-2020-9272 | Out-of-bounds Read vulnerability in multiple products ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function. | 7.5 |
2019-11-26 | CVE-2019-19272 | NULL Pointer Dereference vulnerability in Proftpd An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. | 7.5 |
2019-11-26 | CVE-2019-19271 | Improper Certificate Validation vulnerability in Proftpd An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. | 7.5 |
2019-11-26 | CVE-2019-19270 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. | 7.5 |
2019-10-21 | CVE-2019-18217 | Infinite Loop vulnerability in Proftpd ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop. | 7.5 |
2016-04-05 | CVE-2016-3125 | 7PK - Security Features vulnerability in multiple products The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors. | 7.5 |
2004-11-23 | CVE-2004-0346 | Off-by-one Error vulnerability in Proftpd 1.2.7/1.2.8/1.2.9 Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command. | 7.8 |