Proftpd Project: >> Proftpd >> 1.2.9_rc1 Security Vulnerabilities
Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
CVSS Score
7.5
EPSS Score
0.026
Published
2005-12-31
Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via (1) certain inputs to the shutdown message from ftpshut, or (2) the SQLShowInfo mod_sql directive.
CVSS Score
6.4
EPSS Score
0.012
Published
2005-07-27
ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files.
CVSS Score
9.0
EPSS Score
0.397
Published
2003-11-17
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name.
CVSS Score
10.0
EPSS Score
0.016
Published
2003-08-07