FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-29 06:51:43 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
770d7e91-72af-11e7-998a-08606e47f965proftpd -- user chroot escape vulnerability

NVD reports:

ProFTPD ... controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link.


Discovery 2017-03-06
Entry 2017-07-27
proftpd
< 1.3.5e

http://bugs.proftpd.org/show_bug.cgi?id=4295
CVE-2017-7418
ca0841ff-1254-11de-a964-0030843d3802proftpd -- multiple sql injection vulnerabilities

Secunia reports:

Some vulnerabilities have been reported in ProFTPD, which can be exploited by malicious people to conduct SQL injection attacks.

The application improperly sets the character encoding prior to performing SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code in an environment using a multi-byte character encoding.

An error exists in the "mod_sql" module when processing e.g. user names containing '%' characters. This can be exploited to bypass input sanitation routines and manipulate SQL queries by injecting arbitrary SQL code.


Discovery 2009-02-06
Entry 2009-03-16
proftpd
proftpd-mysql
< 1.3.2

proftpd-devel
le 1.3.20080922

CVE-2009-0542
CVE-2009-0543
http://secunia.com/advisories/33842/
http://bugs.proftpd.org/show_bug.cgi?id=3173
http://bugs.proftpd.org/show_bug.cgi?id=3124
http://milw0rm.com/exploits/8037
cca97f5f-7435-11db-91de-0008743bf21aproftpd -- Remote Code Execution Vulnerability

FrSIRT reports:

A vulnerability has been identified in ProFTPD, which could be exploited by attackers to cause a denial of service or execute arbitrary commands. This flaw is due to a buffer overflow error in the "main.c" file where the "cmd_buf_size" size of the buffer used to handle FTP commands sent by clients is not properly set to the size configured via the "CommandBufferSize" directive, which could be exploited by attackers to compromise a vulnerable server via a specially crafted FTP command.


Discovery 2006-11-10
Entry 2006-11-14
Modified 2006-11-15
proftpd
proftpd-mysql
le 1.3.0_2

http://www.frsirt.com/english/advisories/2006/4451
c28f4705-043f-11da-bc08-0001020eed82proftpd -- format string vulnerabilities

The ProFTPD release notes states:

sean found two format string vulnerabilities, one in mod_sql's SQLShowInfo directive, and one involving the 'ftpshut' utility. Both can be considered low risk, as they require active involvement on the part of the site administrator in order to be exploited.

These vulnerabilities could potentially lead to information disclosure, a denial-of-server situation, or execution of arbitrary code with the permissions of the user running ProFTPD.


Discovery 2005-07-26
Entry 2005-08-03
proftpd
proftpd-mysql
< 1.3.0.rc2

CVE-2005-2390
http://www.gentoo.org/security/en/glsa/glsa-200508-02.xml
http://www.proftpd.org/docs/RELEASE_NOTES-1.3.0rc2
cf0fb426-3f96-11d8-b096-0020ed76ef5aProFTPD ASCII translation bug resulting in remote root compromise

A buffer overflow exists in the ProFTPD code that handles translation of newline characters during ASCII-mode file uploads. An attacker may exploit this buffer overflow by uploading a specially crafted file, resulting in code execution and ultimately a remote root compromise.


Discovery 2003-09-23
Entry 2004-01-05
proftpd
< 1.2.8_1

http://xforce.iss.net/xforce/alerts/id/154
CVE-2003-0831
a733b5ca-06eb-11e6-817f-3085a9a4510dproftpd -- vulnerability in mod_tls

MITRE reports:

The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.


Discovery 2016-03-08
Entry 2016-04-20
proftpd
< 1.3.5b

eq 1.3.6.r1

CVE-2016-3125
d0034536-ff24-11e4-a072-d050996490d0proftpd -- arbitrary code execution vulnerability with chroot

ProFTPd development team reports:

Vadim Melihow reported a critical issue with proftpd installations that use the mod_copy module's SITE CPFR/SITE CPTO commands; mod_copy allows these commands to be used by *unauthenticated clients*.


Discovery 2015-04-15
Entry 2015-05-20
proftpd
< 1.3.5_7

CVE-2015-3306
http://bugs.proftpd.org/show_bug.cgi?id=4169
533d20e7-f71f-11df-9ae1-000bcdf0a03bproftpd -- remote code execution vulnerability

Tippingpoint reports:

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ProFTPD. Authentication is not required to exploit this vulnerability.

The flaw exists within the proftpd server component which listens by default on TCP port 21. When reading user input if a TELNET_IAC escape sequence is encountered the process miscalculates a buffer length counter value allowing a user controlled copy of data to a stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the proftpd process.


Discovery 2010-11-02
Entry 2010-11-23
proftpd
< 1.3.3c

44562
CVE-2010-4221
http://www.zerodayinitiative.com/advisories/ZDI-10-229/
3f851b22-89fb-11db-a937-003048116330proftpd -- remote code execution vulnerabilities

The proftpd development team reports that several remote buffer overflows had been found in the proftpd server.


Discovery 2006-11-10
Entry 2006-12-21
proftpd
proftpd-mysql
< 1.3.0_5

CVE-2006-5815
CVE-2006-6170
0f51f2c9-8956-11dd-a6fe-0030843d3802proftpd -- Long Command Processing Vulnerability

Secunia reports:

The vulnerability is caused due to the application truncating an overly long FTP command, and improperly interpreting the remainder string as a new FTP command. This can be exploited to execute arbitrary FTP commands with the privileges of another user by e.g. tricking the user into following malicious link.


Discovery 2008-09-22
Entry 2008-09-23
Modified 2010-05-12
proftpd
proftpd-mysql
< 1.3.2rc2

proftpd-devel
< 1.3.20080922

CVE-2008-4242
CVE-2008-4247
http://secunia.com/advisories/31930/
http://bugs.proftpd.org/show_bug.cgi?id=3115
022a4c77-2da4-11e1-b356-00215c6a37bbproftpd -- arbitrary code execution vulnerability with chroot

The FreeBSD security advisory FreeBSD-SA-11:07.chroot reports:

If ftpd is configured to place a user in a chroot environment, then an attacker who can log in as that user may be able to run arbitrary code(...).

Proftpd shares the same problem of a similar nature.


Discovery 2011-11-30
Entry 2011-12-23
Modified 2012-01-29
FreeBSD
ge 7.3 lt 7.3_9

ge 7.4 lt 7.4_5

ge 8.1 lt 8.1_6

ge 8.2 lt 8.2_5

proftpd
proftpd-mysql
< 1.3.3g_1

proftpd-devel
< 1.3.3.r4_3,1

SA-11:07.chroot
http://seclists.org/fulldisclosure/2011/Nov/452