Known Vulnerabilities for products from Proftpd
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Proftpd".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-48795 json | 5.9 - MEDIUM | 2023-12-18 | 2024-03-13 | |
| CVE-2021-46854 json | mod_radius in ProFTPD before 1.3.7c allows memory disclosure to RADIUS servers because it copies blocks of 16 characters. | 7.5 - HIGH | 2022-11-23 | 2023-05-03 |
| CVE-2020-9273 json | In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-af... | 8.8 - HIGH | 2020-02-20 | 2023-11-07 |
| CVE-2020-9272 json | ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function. | 7.5 - HIGH | 2020-02-20 | 2021-11-09 |
| CVE-2019-19272 json | An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Direct dereference of a NULL pointer (a variable initializ... | 7.5 - HIGH | 2019-11-26 | 2019-12-11 |
| CVE-2019-19271 json | An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A wrong iteration variable, used when checking a client ce... | 7.5 - HIGH | 2019-11-26 | 2019-12-11 |
| CVE-2019-19270 json | An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entr... | 7.5 - HIGH | 2019-11-26 | 2023-11-07 |
| CVE-2019-19269 json | An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer ... | 4.9 - MEDIUM | 2019-11-30 | 2023-11-07 |
| CVE-2019-18217 json | ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling o... | 7.5 - HIGH | 2019-10-21 | 2023-11-07 |
| CVE-2019-12815 json | An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information dis... | 9.8 - CRITICAL | 2019-07-19 | 2023-11-07 |
| CVE-2017-7418 json | ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link t... | 5.5 - MEDIUM | 2017-04-04 | 2019-08-08 |
| CVE-2016-3125 json | The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, ... | 7.5 - HIGH | 2016-04-05 | 2018-10-30 |
| CVE-2015-3306 json | The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site ... | 10 - HIGH | 2015-05-18 | 2021-05-26 |
| CVE-2013-4359 json | Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (... | 5 - MEDIUM | 2013-09-30 | 2016-12-31 |
| CVE-2012-6095 json | ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files vi... | 1.2 - LOW | 2013-01-24 | 2013-01-25 |
| CVE-2011-4130 json | Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitr... | 9 - HIGH | 2011-12-06 | 2011-12-08 |
| CVE-2011-1137 json | Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of... | 5 - MEDIUM | 2011-03-11 | 2011-09-07 |
| CVE-2010-4652 json | Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is en... | 6.8 - MEDIUM | 2011-02-02 | 2011-03-18 |
| CVE-2010-4221 json | Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote a... | 10 - HIGH | 2010-11-09 | 2011-09-15 |
| CVE-2010-3867 json | Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated ... | 7.1 - HIGH | 2010-11-09 | 2011-09-15 |
Known software with vulnerabilities from Proftpd
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Proftpd | Proftpd | 1.2.0 |