exploit the possibilities
Showing 1 - 4 of 4 RSS Feed

CVE-2011-4130

Status Candidate

Overview

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.

Related Files

Gentoo Linux Security Advisory 201309-15
Posted Sep 24, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-15 - Multiple vulnerabilities have been found in ProFTPD, the worst of which leading to remote execution of arbitrary code. Versions less than 1.3.4d are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-3555, CVE-2010-3867, CVE-2010-4221, CVE-2010-4652, CVE-2011-1137, CVE-2011-4130, CVE-2012-6095, CVE-2013-4359
MD5 | 255c728eaa41a9d45387aacc972a92bd
Slackware Security Advisory - proftpd Updates
Posted Feb 14, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New proftpd packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2011-4130
MD5 | ca1b4eddc7e6a4059c5ddade7490ffc9
Mandriva Linux Security Advisory 2011-181
Posted Dec 8, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-181 - Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer. The updated packages have been upgraded to the latest version 1.3.3g which is not vulnerable to this issue.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2011-4130
MD5 | a8b86593c1e6f72dc94c32454b7bfcf6
Debian Security Advisory 2346-1
Posted Nov 16, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2346-1 - Several vulnerabilities were discovered in ProFTPD, an FTP server. ProFTPD incorrectly uses data from an unencrypted input buffer after encryption has been enabled with STARTTLS, an issue similar to CVE-2011-0411. ProFTPD uses a response pool after freeing it under exceptional conditions, possibly leading to remote code execution.

tags | advisory, remote, vulnerability, code execution
systems | linux, debian
advisories | CVE-2011-0411, CVE-2011-4130
MD5 | 09e47c9f54c850e4c553afe33bc30cec
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    15 Files
  • 27
    Feb 27th
    15 Files
  • 28
    Feb 28th
    4 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close