CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-0432

ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://bugs.proftpd.org/show_bug.cgi?id=2267
http://marc.info/?l=bugtraq&m=108335030208523&w=2
http://marc.info/?l=bugtraq&m=108335051011341&w=2
http://secunia.com/advisories/11527
http://www.mandriva.com/security/advisories?name=MDKSA-2004:041
http://www.securityfocus.com/bid/10252
https://exchange.xforce.ibmcloud.com/vulnerabilities/16038
http://bugs.proftpd.org/show_bug.cgi?id=2267
http://marc.info/?l=bugtraq&m=108335030208523&w=2
http://marc.info/?l=bugtraq&m=108335051011341&w=2
http://secunia.com/advisories/11527
http://www.mandriva.com/security/advisories?name=MDKSA-2004:041
http://www.securityfocus.com/bid/10252
https://exchange.xforce.ibmcloud.com/vulnerabilities/16038

Products affected by CVE-2004-0432

Proftpd Project » Proftpd » Version: 1.2.9

cpe:2.3:a:proftpd_project:proftpd:1.2.9
Gentoo » Linux » Version: 0.5

cpe:2.3:o:gentoo:linux:0.5
Gentoo » Linux » Version: 0.7

cpe:2.3:o:gentoo:linux:0.7
Gentoo » Linux » Version: 1.1a

cpe:2.3:o:gentoo:linux:1.1a
Gentoo » Linux » Version: 1.2

cpe:2.3:o:gentoo:linux:1.2
Gentoo » Linux » Version: 1.4

cpe:2.3:o:gentoo:linux:1.4
Trustix » Secure Linux » Version: 2.0

cpe:2.3:o:trustix:secure_linux:2.0
Trustix » Secure Linux » Version: 2.1

cpe:2.3:o:trustix:secure_linux:2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-0432

Products

Pricing

Contact Us