ProFTPD "mod_tls" Buffer Overflow
|8||(AV:N/AC:L/Au:N/C:P/I:P/A:P)||November 28, 2006||January 31, 2007||February 13, 2015|
ProFTPD is vulnerable to a buffer overflow in the "tls_x509_name_oneline()" function in mod_tls.c which may allow an attacker to run arbitrary code under the user context of the ProFTPD process.
Successful exploitation of this vulnerability requires that mod_tls is compiled into ProFTPD.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
- URL: http://elegerov.blogspot.com/2006/10/do-you-remember-2-years-old-overflow.html
- URL: http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050935.html
- URL: http://www.frsirt.com/english/advisories/2006/4745
- URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1
- URL: http://www.securityfocus.com/archive/1/archive/1/452228/100/100/threaded
- URL: http://www.securityfocus.com/archive/1/archive/1/452872/100/0/threaded
- URL: http://www.securityfocus.com/archive/1/archive/1/452993/100/100/threaded
- URL: http://www.trustix.org/errata/2006/0066
- URL: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820