FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-28 07:09:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
770d7e91-72af-11e7-998a-08606e47f965proftpd -- user chroot escape vulnerability

NVD reports:

ProFTPD ... controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link.


Discovery 2017-03-06
Entry 2017-07-27
proftpd
< 1.3.5e

http://bugs.proftpd.org/show_bug.cgi?id=4295
CVE-2017-7418
a733b5ca-06eb-11e6-817f-3085a9a4510dproftpd -- vulnerability in mod_tls

MITRE reports:

The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.


Discovery 2016-03-08
Entry 2016-04-20
proftpd
< 1.3.5b

eq 1.3.6.r1

CVE-2016-3125
533d20e7-f71f-11df-9ae1-000bcdf0a03bproftpd -- remote code execution vulnerability

Tippingpoint reports:

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ProFTPD. Authentication is not required to exploit this vulnerability.

The flaw exists within the proftpd server component which listens by default on TCP port 21. When reading user input if a TELNET_IAC escape sequence is encountered the process miscalculates a buffer length counter value allowing a user controlled copy of data to a stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the proftpd process.


Discovery 2010-11-02
Entry 2010-11-23
proftpd
< 1.3.3c

44562
CVE-2010-4221
http://www.zerodayinitiative.com/advisories/ZDI-10-229/
022a4c77-2da4-11e1-b356-00215c6a37bbproftpd -- arbitrary code execution vulnerability with chroot

The FreeBSD security advisory FreeBSD-SA-11:07.chroot reports:

If ftpd is configured to place a user in a chroot environment, then an attacker who can log in as that user may be able to run arbitrary code(...).

Proftpd shares the same problem of a similar nature.


Discovery 2011-11-30
Entry 2011-12-23
Modified 2012-01-29
FreeBSD
ge 7.3 lt 7.3_9

ge 7.4 lt 7.4_5

ge 8.1 lt 8.1_6

ge 8.2 lt 8.2_5

proftpd
proftpd-mysql
< 1.3.3g_1

proftpd-devel
< 1.3.3.r4_3,1

SA-11:07.chroot
http://seclists.org/fulldisclosure/2011/Nov/452
d0034536-ff24-11e4-a072-d050996490d0proftpd -- arbitrary code execution vulnerability with chroot

ProFTPd development team reports:

Vadim Melihow reported a critical issue with proftpd installations that use the mod_copy module's SITE CPFR/SITE CPTO commands; mod_copy allows these commands to be used by *unauthenticated clients*.


Discovery 2015-04-15
Entry 2015-05-20
proftpd
< 1.3.5_7

CVE-2015-3306
http://bugs.proftpd.org/show_bug.cgi?id=4169