ProFTPD Prior To 1.3.3g Use-After-Free Remote Code Execution Vulnerability Network Vulnerability

Summary

ProFTPD is prone to a remote code-execution vulnerability. Successful exploits will allow attackers to execute arbitrary code within the context of the application. Failed exploit attempts will result in a denial-of-service condition. ProFTPD prior to 1.3.3g are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://bugs.proftpd.org/show_bug.cgi?id=3711
http://www.proftpd.org
http://www.securityfocus.com/bid/50631
http://www.zerodayinitiative.com/advisories/ZDI-11-328/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4130

CVSS	Base Score: 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

httpdx Multiple Commands Remote Buffer Overflow Vulnerabilities
BisonFTP Multiple Commands Remote Buffer Overflow Vulnerabilities
AceFTP LIST Command Directory Traversal Vulnerability
SolarFTP 'PASV' Command Remote Buffer Overflow Vulnerability
XM Easy Personal FTP Server 'NLST' Command Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities