what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

ProFTPd 1.3.5 Remote Command Execution
Posted May 26, 2021
Authored by Shellbr3ak

ProFTPd version 1.3.5 remote command execution exploit. This is a variant of the original vulnerability discovered in 2015 with credit going to R-73eN.

tags | exploit, remote
advisories | CVE-2015-3306
SHA-256 | 36d3e6266ecfe1baa5561af1301eeadc1a956f587f58731fbeed05f16dec3a89

Related Files

proftpdmodtls.txt
Posted Dec 1, 2006
Authored by Evgeny Legerov

A remote buffer overflow vulnerability has been found in mod_tls module of ProFTPD server. The vulnerability could allow a remote un-authenticated attacker to gain root privileges. All versions including 1.3.0a are affected.

tags | advisory, remote, overflow, root
SHA-256 | 180db6a4b1b074c7ba9c0cbafa633c372cb43221e144a3f006a87b5cc1661238
vd_proftpd.pm.txt
Posted Dec 1, 2006
Authored by Evgeny Legerov | Site gleg.net

A remotely exploitable stack overflow vulnerability has been found in ProFTPD server. The vulnerability allows a remote authenticated attacker to gain root privileges. Versions below 1.3.0a are affected. Exploit included.

tags | exploit, remote, overflow, root
advisories | CVE-2006-5815
SHA-256 | 44821edac050385c866aa37abb8d208e6502ac703ffe9cb2ac41fc9b5ad38c8b
Secunia Security Advisory 22821
Posted Nov 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ProFTPD, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | da4c3881ab9e8123f7a031b721bae2dfac8b2b4ccc6ceb7c6cd1a427596dfa4e
Secunia Security Advisory 23000
Posted Nov 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for proftpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, mandriva
SHA-256 | fb1c61879b3e32dec185d0fb8db946e9cb13f1d0b0ef0e8a9b92cc0e18dfb4f3
Secunia Security Advisory 23069
Posted Nov 26, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for proftpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 12bc6e1a6a15e416f4dd61e4dd7fd0e1f3b8d01a05de62fc6fd834275c5f021f
Debian Linux Security Advisory 1218-1
Posted Nov 22, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1218-1 - It was discovered that the proftpd FTP daemon performs insufficient validation of FTP command buffer size limits, which may lead to denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2006-5815
SHA-256 | 53c1c3fb027239e67fe8aaec759509b59c141ef9cbdf3bf3ae383afdc4b145c1
Mandriva Linux Security Advisory 2006.217
Posted Nov 21, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-217 - As disclosed by an exploit (vd_proftpd.pm) and a related vendor bugfix, a Denial of Service (DoS) vulnerability exists in the FTP server ProFTPD, up to and including version 1.3.0. The flaw is due to both a potential bus error and a definitive buffer overflow in the code which determines the FTP command buffer size limit. The vulnerability can be exploited only if the "CommandBufferSize" directive is explicitly used in the server configuration, which is not the case in the default configuration of ProFTPD.

tags | advisory, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2006-5815
SHA-256 | 061ad57de475b81795f7f9162860d0e6424a67bfe493a75cd523fc34b5103ef9
OpenPKG-SA-2006-035.txt
Posted Nov 19, 2006
Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.035 - As undisclosed by an exploit (vd_proftpd.pm) and a related vendor bugfix, a Denial of Service (DoS) vulnerability exists in the FTP server ProFTPD, up to and including version 1.3.0. The flaw is due to both a potential bus error and a definitive buffer overflow in the code which determines the FTP command buffer size limit. The vulnerability can be exploited only if the "CommandBufferSize" directive is explicitly used in the server configuration -- which is not the case in OpenPKG's default configuration of ProFTPD.

tags | advisory, denial of service, overflow
advisories | CVE-2006-5815
SHA-256 | 9ed99273cbfc967a730fd8f826eceea026990c33c2599e4d71b7ba9c01a9b0fd
Secunia Security Advisory 22803
Posted Nov 10, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Evgeny Legerov has reported a vulnerability in ProFTPD, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 589b634fb842a729a2c23452cf0d06d461c1469ced5dd967d18803d53b0ca7b0
Secunia Security Advisory 16681
Posted Sep 3, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for proftpd. This fixes two vulnerabilities, which can be exploited by malicious users to disclose certain sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | 6bc9adbeb070e2740efe7601698817ffbdfc2a606d197be353790619b512084c
Gentoo Linux Security Advisory 200508-2
Posted Aug 5, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200508-02 - infamous42md reported that ProFTPD is vulnerable to format string vulnerabilities when displaying a shutdown message containing the name of the current directory, and when displaying response messages to the client using information retrieved from a database using mod_sql. Versions less than 1.2.10-r7 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2005-2390
SHA-256 | 92e2e5ba42acd726b76870aec005d5d27b342c3b2d5a94e2daa39a52c0da932d
Secunia Security Advisory 16181
Posted Jul 27, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ProFTPD, which can be exploited by malicious users to disclose certain sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | a7e5d8b6db68ed0f35e66b2344fb5e31fa88e08ae36db4ce0848a82b7cbae890
Gentoo Linux Security Advisory 200502-26
Posted Feb 25, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200502-26 - gprostats, distributed with GProFTPD, is vulnerable to a format string vulnerability, potentially leading to the execution of arbitrary code. Versions below 8.1.9 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
SHA-256 | 5c58385762a2a3d9824fbe2f656c8423e1edcecff5ca57268380e4f2eed46928
proftpdEnum.c
Posted Oct 26, 2004
Authored by Leon Juranic | Site security.lss.hr

Remote proof of concept exploit for the ProFTPD 1.2.x user enumeration vulnerability.

tags | exploit, remote, proof of concept
SHA-256 | 1a9f67d4e3a545bb044fe39bd1c9b16e5d474cf940899ecfd73d586444949990
proftpd12x.txt
Posted Oct 26, 2004
Site security.lss.hr

ProFTPD 1.2.x suffers from a vulnerability that allow for remote user enumeration. It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at the ProFTPD login procedure.

tags | advisory, remote, code execution
SHA-256 | 2f9b4a192cb97ddf88d2f6a8b9f9136a5959de40a1d46bb06e05a1ac3cfe8582
proftp-userdisc.c
Posted Oct 16, 2004
Authored by Leon Juranic | Site security.lss.hr

Side-channel username verification against ProFTPd. Sends the USER command, and sees how long the server takes to respond, indicating whether the user exists or not. Obviously, this may produce false positives on slow network connections.

tags | exploit
SHA-256 | 4c187c9a5ac561e7d40e6812cf15bf9b2bcd4aaf7a0db96b65136cfb08a387f5
cardinal.txt
Posted Mar 2, 2004
Authored by Phantasmal Phantasmagoria

ProFTPD versions below 1.2.9rc3 are susceptible to a couple off-by-one overflows. One was introduced after the patch was written to address the flaws listed here.

tags | advisory, overflow
SHA-256 | 3f4cda1fa89c843e8b48e9db2c38b1267c17f66732fe1a08256f7ad41f9a03d4
pfpoc.c
Posted Oct 14, 2003
Authored by netris

Remote root exploit for ProFTPd 1.2.7-1.2.8.

tags | exploit, remote, root
SHA-256 | 237386f1bbbe4763fb37224b815cedc1bf10ec040c780c7b84f4873ef8f11ac1
proftpdr00t.c
Posted Oct 14, 2003
Authored by Haggis

Remote root exploit for ProFTPd versions 1.2.7 - 1.2.9rc2 that breaks the chroot and uses brute force. Tested against SuSE 8.0/8.1 and RedHat 7.2/8.0.

tags | exploit, remote, root
systems | linux, redhat, suse
SHA-256 | e1b8169e56e2b24443a163f1d695b621b114d4358c11fe13d71fa81194edffd3
iss.ProFTPD.txt
Posted Sep 24, 2003
Site xforce.iss.net

ISS Security Advisory - A flaw in the ProFTPD Unix FTP server versions 1.2.7 through 1.2.9rc2 allows an attacker capable of uploading files the ability to trigger a buffer overflow and execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | unix
SHA-256 | 0b7e33b20eb6e39707bf6f99835e0d7b6a4c02fe435aa0e95c32fea7585d8dee
prodos.sh
Posted Dec 11, 2002
Authored by detach | Site duho.org

Proftpd v1.2.7rc3 and below remote denial of service exploit which requires a ftp user account or anonymous access to the ftp daemon. Consumes nearly all memory and alot of CPU. Tested against slackware 8.1 - proftpd 1.2.4 and 1.2.7rc3.

tags | exploit, remote, denial of service
systems | linux, slackware
SHA-256 | b472b47d7f8b3395438de6ee5627449c27fa18d2e9476e8790d13d7b98047093
iss.summary.6.5
Posted Apr 9, 2001
Site xforce.iss.net

ISS Security Alert Summary for April 5, 2001 - Volume 6 Number 5. 80 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: palm-debug-bypass-password, exchange-malformed-url-dos, mailx-bo, sunftp-gain-access, winzip-zipandemail-bo, broker-ftp-delete-files, broker-ftp-list-directories, indexu-gain-access, fastream-ftp-directory-traversal, slimserve-httpd-directory-traversal, wftpd-pro-bo, irc-tkserv-bo, warftp-directory-traversal, ie-telnet-execute-commands, cisco-aironet-web-access, netscape-directory-server-bo, proftpd-postinst-root, proftpd-var-symlink, man2html-remote-dos, linux-eperl-bo, novell-netware-unauthorized-access, sgmltools-symlink, hp-asecure-dos, ascdc-afterstep-bo, iis-webdav-dos, websweeper-http-dos, foldoc-cgi-execute-commands, slrn-wrapping-bo, mutt-imap-format-string, formmail-anonymous-flooding, halflife-config-file-bo, halflife-exec-bo, halflife-map-bo, halflife-map-format-string, ikonboard-cgi-read-files, timed-remote-dos, imap-ipop2d-ipop3d-bo, rwhod-remote-dos, snmpd-argv-bo, mesa-utahglx-symlink, ftpfs-bo, solaris-snmpxdmid-bo, vbulletin-php-elevate-privileges, mdaemon-webservices-dos, ssh-ssheloop-dos, eudora-html-execute-code, aspseek-scgi-bo, hslctf-http-dos, licq-url-execute-commands, superscout-bypass-filtering, dgux-lpsched-bo, rediplus-weak-security, fcheck-open-execute-commands, ntmail-long-url-dos, vim-elevate-privileges, ufs-ext2fs-data-disclosure, microsoft-invalid-digital-certificates, akopia-interchange-gain-access, solaris-perfmon-create-files, win-userdmp-insecure-permission, compaq-wbm-bypass-proxy, mdaemon-imap-command-dos, hp-newgrp-additional-privileges, lan-suite-webprox-dos, weblogic-browse-directories, solaris-tip-bo, sonicwall-ike-shared-keys, anaconda-clipper-directory-traversal, visual-studio-vbtsql-bo, sco-openserver-deliver-bo, sco-openserver-lpadmin-bo, sco-openserver-lpforms-bo, sco-openserver-lpshut-bo, sco-openserver-lpusers-bo, sco-openserver-recon-bo, sco-openserver-sendmail-bo, inframail-post-dos, cisco-vpn-telnet-dos, website-pro-remote-dos, and win-compressed-password-recovery.

tags | remote, web, cgi, root, php, vulnerability, imap
systems | cisco, linux, solaris
SHA-256 | 60fe83921f94894a09c676373d0623af6b51e719ce9ecd75f68f018ab5f57856
glob-abuse.c
Posted Mar 19, 2001
Authored by R00T-dude

This code exploits a bug in the glob() function used in some ftpd's (like proftpd, netbsd ftpd, iis ftpd). It sends a 'ls' command for which will take up about 100% of a systems memory, creating a very effective dos.

tags | exploit
systems | netbsd
SHA-256 | 7f1cdb3862da20f5231d975f2a3cbd7fb8960b8beeaf13ca49ae65058f1a1479
ftpsed.pl
Posted Mar 19, 2001
Authored by Speedy | Site dutchriot.com

ftpsed.pl is a perl script which exploits a denial of service vulnerability in Proftpd v1.2 and below. Requires a username and password.

tags | exploit, denial of service, perl
SHA-256 | 697c7292c32b0c1b43a2055599df28cd1aac80583e074fdfabc4a4b2853e3725
iss.summary.6.2
Posted Jan 22, 2001
Site xforce.iss.net

ISS Security Alert Summary for January 1, 2001 - Volume 6 Number 2. 115 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: exmh-error-symlink, informix-webdriver-symlink, informix-webdriver-admin-access, zonealarm-mutex-dos, zonealarm-batfile-dos, shockwave-flash-swf-bo, macos-multiple-users, http-cgi-ikonboard, http-cgi-technote-main, xwindows-char-dos, 1stup-mail-server-bo, dialog-symlink, ibm-wcs-admin, http-cgi-technote-print, iis-web-form-submit, hpux-kermit-bo, bsguest-cgi-execute-commands, bslist-cgi-execute-commands, infinite-interchange-dos, oracle-execute-plsql, ksh-redirection-symlink, oracle-webdb-admin-access, infinite-interchange-dos, gnupg-detached-sig-modify, gnupg-reveal-private, zonealarm-nmap-scans, zonealarm-open-shares, win2k-index-service-activex, proftpd-size-memory-leak, weblogic-dot-bo, mdaemon-imap-dos, zope-calculate-roles, itetris-svgalib-path, bsd-ftpd-replydirname-bo, sonata-command-execute, solaris-catman-symlink, solaris-patchadd-symlink, stunnel-format-logfile, hp-top-sys-files, zope-legacy-names, mrj-runtime-malicious-applets, coffeecup-ftp-weak-encryption, watchguard-soho-fragmented-packets, jpilot-perms, mediaservices-dropped-connection-dos, watchguard-soho-web-auth, watchguard-soho-passcfg-reset, http-cgi-simplestguest, safeword-palm-pin-extraction, mdaemon-lock-bypass-password, cisco-catalyst-ssh-mismatch, microsoft-iis-file-disclosure, ezshopper-cgi-file-disclosure, winnt-mstask-dos, bftpd-site-chown-bo, aim-remote-bo, subscribemelite-gain-admin-access, zope-image-file, http-cgi-everythingform, http-cgi-simplestmail, http-cgi-ad, kde-kmail-weak-encryption, aolim-buddyicon-bo, aim-remote-bo, rppppoe-zero-length-dos, proftpd-modsqlpw-unauth-access, gnu-ed-symlink, oops-ftputils-bo, oracle-oidldap-write-permission, foolproof-security-bypass, broadvision-bv1to1-reveal-path, ssldump-format-strings, coldfusion-sample-dos, kerberos4-arbitrary-proxy, kerberos4-auth-packet-overflow, kerberos4-user-config, kerberos4-tmpfile-dos, homeseer-directory-traversal, offline-explorer-reveal-files, imail-smtp-auth-dos, apc-apcupsd-dos, cisco-catalyst-telnet-dos, ultraseek-reveal-path, irc-dreamforge-dns-dos, mailman-alternate-templates, markvision-printer-driver-bo, nt-ras-reg-perms, nt-snmp-reg-perms, nt-mts-reg-perms, irc-bitchx-dns-bo, ibm-db2-gain-access, ibm-db2-dos, vsu-source-routing, vsu-ip-bridging, ftp-servu-homedir-travers, cisco-cbos-web-access, watchguard-soho-get-dos, phone-book-service-bo, cisco-cbos-syn-packets, cisco-cbos-invalid-login, cisco-cbos-icmp-echo, linux-diskcheck-race-symlink, ie-form-file-upload, mssql-xp-paraminfo-bo, majordomo-auth-execute-commands, ie-print-template, aix-piobe-bo, aix-pioout-bo, aix-setclock-bo, aix-enq-bo, aix-digest-bo, and aix-setsenv-bo.

tags | remote, web, overflow, arbitrary, cgi, vulnerability, imap, activex
systems | cisco, linux, windows, solaris, bsd, aix, hpux
SHA-256 | 5e663d9821efd059b23f294cdfa745ad9b5a6aab6c5de4ec2febfa417d586623
Page 4 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close