vendor:
ProFTPd
by:
Michael Domberg
7.5
CVSS
HIGH
Stack Overflow
119
CWE
Product Name: ProFTPd
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: OpenSuSE 10.2
2008
Exploit for ProFTPd mod_ctrls Vulnerability
Exploit for the ProFTPd mod_ctrls vulnerability. Stack Overflow in function int pr_ctrls_recv_request(pr_crls_cl_t *cl) unchecked buffer for arguments of the module. Connects to the unix domain socket and sends a string that is longer than the buffer (char[512]). Works on OpenSuSE 10.2 on i686.
Mitigation:
Update to the latest version of ProFTPd