Proftpd Project: >> Proftpd >> 1.2 Security Vulnerabilities
Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
CVSS Score
7.5
EPSS Score
0.026
Published
2005-12-31
ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.
CVSS Score
7.5
EPSS Score
0.011
Published
2001-12-31
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
CVSS Score
4.6
EPSS Score
0.001
Published
1999-11-19