Vulnerabilities
Vulnerable Software
Proftpd:  >> Proftpd  >> 1.3.5  Security Vulnerabilities
The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecified impact via unknown vectors.
CVSS Score
7.5
EPSS Score
0.009
Published
2016-04-05
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
CVSS Score
10.0
EPSS Score
0.941
Published
2015-05-18
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation.
CVSS Score
5.0
EPSS Score
0.02
Published
2013-09-30


Contact Us

Shodan ® - All rights reserved