Back to search

ProFTPD CommandBufferSize Denial of Service

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) November 22, 2006 February 26, 2007 December 04, 2013

Available Exploits 

Description

Certain versions of ProFTPD contain a bug when parsing the 'CommandBufferSize' attribute out of the ProFTPD configuration file which could allow an attacker to cause a Denial-of-Service condition on the target machine. Note: This vulnerability is disputed by the vendor.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

Upgrade to ProFTPD 1.3.1rc1

Download and apply the upgrade from: ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.1rc1.tar.gz

Upgrade to ProFTPD version 1.3.1rc1, released on December 12, 2006. See the ProFTPD website for more information on the release, including upgrade instructions.

Related Vulnerabilities