exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

ProFTPd 1.3.5 Remote Command Execution
Posted May 26, 2021
Authored by Shellbr3ak

ProFTPd version 1.3.5 remote command execution exploit. This is a variant of the original vulnerability discovered in 2015 with credit going to R-73eN.

tags | exploit, remote
advisories | CVE-2015-3306
SHA-256 | 36d3e6266ecfe1baa5561af1301eeadc1a956f587f58731fbeed05f16dec3a89

Related Files

Mandriva Linux Security Advisory 2010-227
Posted Nov 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-227 - Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a SITE MKDIR, SITE UTIME command. Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a FTPS server.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2010-3867, CVE-2010-4221
SHA-256 | a6a929924a2a4e416021de37391ae322365e7a942efcedc03f1b0a657de2be0c
Secunia Security Advisory 42217
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for proftpd. This fixes multiple vulnerabilities, which can be exploited by malicious users to manipulate certain data and malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, fedora
SHA-256 | 935835595154a67760183f1ef165aa344fad7c5c20bb9da7d93531059c0837b0
Zero Day Initiative Advisory 10-229
Posted Nov 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-229 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ProFTPD. Authentication is not required to exploit this vulnerability. The flaw exists within the proftpd server component which listens by default on TCP port 21. When reading user input if a TELNET_IAC escape sequence is encountered the process miscalculates a buffer length counter value allowing a user controlled copy of data to a stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the proftpd process.

tags | advisory, remote, arbitrary, tcp
SHA-256 | 7431c58a12dec7ec81a1cb7105d04361591fe1e23f29451c020292509334b56c
ProFTPD IAC Remote Root Exploit
Posted Nov 8, 2010
Authored by Kingcope

ProFTPD IAC remote root exploit for versions 1.3.3, 1.3.3a and 1.3.2a/e/c.

tags | exploit, remote, root
SHA-256 | ad63bce947283be1225a9c0f6124df424564efd77965f253fa2f9da15adffefd
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow
Posted Nov 5, 2010
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in versions of ProFTPD server between versions 1.3.2rc3 and 1.3.3b. By sending data containing a large number of Telnet IAC commands, an attacker can corrupt memory and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2010-3867
SHA-256 | b15672f8816cee6c5988bd4043b73fa81269c6b63d7afa9bf7db5a1b33c80105
Secunia Security Advisory 42047
Posted Nov 3, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Slackware has issued an update for proftpd. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, slackware
SHA-256 | 3e2d54165e9a95f4328393b3e4c5b04fdcb68ecb92f6fb2282fb5ccec03aa918
Secunia Security Advisory 42052
Posted Nov 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ProFTPD, which can be exploited by malicious users to manipulate certain data and malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | c8d8a7749b87305d0b76378cdcdfeb3cd076f7f0bf0d6b90dfec9c2358a4e0a2
Secunia Security Advisory 37968
Posted Dec 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for proftpd. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

tags | advisory
systems | linux, fedora
SHA-256 | b47a09a91d38c7ddbb9171a4682bc28f6733020468f09b9ad9df6aaf56c39461
Secunia Security Advisory 37640
Posted Dec 11, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ProFTPD, which can be exploited by malicious people to manipulate certain data.

tags | advisory
SHA-256 | 317da7ec8a4a3c7fdf52037e343370f510e570e2bbe99468d550f4f4a75f5379
Secunia Security Advisory 37406
Posted Nov 18, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for proftpd. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, fedora
SHA-256 | 5420632da5cdc39c0480b0363e2062db3e7f0156b632b55ead1e122a6613680b
Debian Linux Security Advisory 1925-1
Posted Nov 3, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1925-1 - It has been discovered that proftpd-dfsg, a virtual-hosting FTP daemon, does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, when the dNSNameRequired TLS option is enabled.

tags | advisory
systems | linux, debian
advisories | CVE-2009-3639
SHA-256 | 58b810f5fa37b676da5a978bc004bd482565cedd80006fcc98dfbf0f8581d1c7
Secunia Security Advisory 37219
Posted Nov 2, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for proftpd-dfsg. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, debian
SHA-256 | 79bb47501d78206a19d99a1d7db93ca3d907f8b6d7a7b17cf3243cca3982f7fb
Mandriva Linux Security Advisory 2009-288
Posted Oct 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-288 - The mod_tls module in proftpd < 1.3.2b is vulnerable to a similar security issue as CVE-2009-2408. This update fixes these vulnerability.

tags | advisory
systems | linux, mandriva
advisories | CVE-2009-2408
SHA-256 | 0e8d72525416ecf43373f296880c86846c238d5af213c156135bba25e17696f4
Secunia Security Advisory 37131
Posted Oct 26, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in ProFTPD, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 63f3bde629529c42aaa7d6cc95dba47301b42978deac310b0f0ca28a611b8a0b
ProFTPd 1.3.0 mod_ctrls Local Root Exploit
Posted Oct 12, 2009
Authored by Michael Domberg | Site devtarget.org

ProFTPd version 1.3.0 mod_ctrls local stack overflow root exploit that binds a shell to port 19091.

tags | exploit, overflow, shell, local, root
SHA-256 | ddbfe7d762887600b38f4dc106d97604c67613c6e9563372c4756a28d17514cf
Secunia Security Advisory 36862
Posted Sep 25, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for proftpd. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
systems | linux, fedora
SHA-256 | a17e86a1eede64a592fa366b655874cea451da098c1d5aa4a689b8b0b1b1022a
Secunia Security Advisory 34268
Posted Mar 13, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for proftpd. This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
systems | linux, gentoo
SHA-256 | cec4c6acf9055302a8179fa1a541ff7a8879ea2f8507c531b949c7ae0758f77b
Gentoo Linux Security Advisory 200903-27
Posted Mar 13, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-27 - Two vulnerabilities in ProFTPD might allow for SQL injection attacks. Versions less than 1.3.2 are affected.

tags | advisory, vulnerability, sql injection
systems | linux, gentoo
advisories | CVE-2009-0542, CVE-2009-0543
SHA-256 | 813e42985782b31eee7369aed9314721c49e60b35e51a550fdea4c56f1c57707
Debian Linux Security Advisory 1730-1
Posted Mar 2, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1730-1 - The security update for proftpd-dfsg in DSA-1727-1 caused a regression with the postgresql backend. This update corrects the flaw. Also it was discovered that the oldstable distribution (etch) is not affected by the security issues.

tags | advisory
systems | linux, debian
advisories | CVE-2009-0542, CVE-2009-0543
SHA-256 | 422c018fd821493e6bba8fd79fc76a6860442a69113ba1ce44662dd4dc848dfb
Secunia Security Advisory 34031
Posted Feb 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for proftpd-dfsg. This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
systems | linux, debian
SHA-256 | c99e77408c7e941799a625041f053551470234d2644e1df5a3d6e384289950b3
Debian Linux Security Advisory 1727-1
Posted Feb 26, 2009
Authored by Debian | Site debian.org

Debian Security Advisory DSA 1727-1 - Two SQL injection vulnerabilities have been found in proftpd, a virtual-hosting FTP daemon.

tags | advisory, vulnerability, sql injection
systems | linux, debian
advisories | CVE-2009-0542, CVE-2009-0543
SHA-256 | 47abce559e797db348b4d30522fc51cbae738bb95901abb7c97f0871b5df8ee3
ProFTPd With mod_mysql Authentication Bypass
Posted Feb 11, 2009
Authored by AlpHaNiX

Remote exploit for the authentication bypass vulnerability in ProFTPd using mod_mysql.

tags | exploit, remote, sql injection, bypass
SHA-256 | e1f5b601f8af81df0b2624222de455c263ed411d290e7259eac220962b0c67c4
Secunia Security Advisory 33842
Posted Feb 9, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ProFTPD, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 020281f0669fdedd6419e4c468b6bcf906a7ec6fe95f165fed3b676dd5debf81
Secunia Security Advisory 33413
Posted Jan 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for proftpd. This fixes a vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
systems | linux, fedora
SHA-256 | 19d5ee47d9d1b1fb209692070f099bfe89a86d199d411ec7bea3f0087ab7630c
Debian Linux Security Advisory 1689-1
Posted Dec 30, 2008
Authored by Debian | Site debian.org

Debian Security Advisory DSA 1689-1 - Maksymilian Arciemowicz of securityreason.com reported that ProFTPD is vulnerable to cross-site request forgery (CSRF) attacks and executes arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.

tags | advisory, web, arbitrary, csrf
systems | linux, debian
advisories | CVE-2008-4242
SHA-256 | 0de29b8fab2fefaeabb052720b162b9a757b181550eb52d0a9b16f8641460152
Page 2 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    0 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close