CVE-2005-2390

Summary

CVE	CVE-2005-2390
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2005-07-27 04:00:00 UTC
Updated	2016-10-18 03:26:00 UTC
Description	Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via (1) certain inputs to the shutdown message from ftpshut, or (2) the SQLShowInfo mod_sql directive.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Proftpd Project	Proftpd	1.2.0_pre10	All	All	All
Application	Proftpd Project	Proftpd	1.2.0_pre9	All	All	All
Application	Proftpd Project	Proftpd	1.2.0_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.0_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.0_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.1	All	All	All
Application	Proftpd Project	Proftpd	1.2.10	All	All	All
Application	Proftpd Project	Proftpd	1.2.10_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.10_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.10_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.1_final	All	All	All
Application	Proftpd Project	Proftpd	1.2.2	All	All	All
Application	Proftpd Project	Proftpd	1.2.2_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.2_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.2_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.3	All	All	All
Application	Proftpd Project	Proftpd	1.2.4	All	All	All
Application	Proftpd Project	Proftpd	1.2.5	All	All	All
Application	Proftpd Project	Proftpd	1.2.5_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.5_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.5_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.6	All	All	All
Application	Proftpd Project	Proftpd	1.2.6_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.6_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.6_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.7	All	All	All
Application	Proftpd Project	Proftpd	1.2.7_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.7_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.7_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.8	All	All	All
Application	Proftpd Project	Proftpd	1.2.8_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.8_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.9	All	All	All
Application	Proftpd Project	Proftpd	1.2.9_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.9_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.9_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.3.0_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.0_pre10	All	All	All
Application	Proftpd Project	Proftpd	1.2.0_pre9	All	All	All
Application	Proftpd Project	Proftpd	1.2.0_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.0_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.0_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.1	All	All	All
Application	Proftpd Project	Proftpd	1.2.10	All	All	All
Application	Proftpd Project	Proftpd	1.2.10_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.10_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.10_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.1_final	All	All	All
Application	Proftpd Project	Proftpd	1.2.2	All	All	All
Application	Proftpd Project	Proftpd	1.2.2_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.2_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.2_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.3	All	All	All
Application	Proftpd Project	Proftpd	1.2.4	All	All	All
Application	Proftpd Project	Proftpd	1.2.5	All	All	All
Application	Proftpd Project	Proftpd	1.2.5_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.5_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.5_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.6	All	All	All
Application	Proftpd Project	Proftpd	1.2.6_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.6_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.6_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.7	All	All	All
Application	Proftpd Project	Proftpd	1.2.7_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.7_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.7_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.2.8	All	All	All
Application	Proftpd Project	Proftpd	1.2.8_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.8_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.9	All	All	All
Application	Proftpd Project	Proftpd	1.2.9_rc1	All	All	All
Application	Proftpd Project	Proftpd	1.2.9_rc2	All	All	All
Application	Proftpd Project	Proftpd	1.2.9_rc3	All	All	All
Application	Proftpd Project	Proftpd	1.3.0_rc1	All	All	All

References

Reference	Source	Link	Tags
ProFTPD Shutdown Message Format String Vulnerability	BID	www.securityfocus.com
404 Not Found	CONFIRM	www.proftpd.org
Secunia - Advisories - ProFTPD Two Format String Vulnerabilities	SECUNIA	secunia.com	Vendor Advisory
'[OpenPKG-SA-2005.020] OpenPKG Security Advisory (proftpd)' - MARC	OPENPKG	marc.info
ProFTPD SQLShowInfo SQL Output Format String Vulnerability	BID	www.securityfocus.com
Debian -- Security Information -- DSA-795-2 proftpd	DEBIAN	www.debian.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.