Format String Vulnerability in ProFTPD Affects Users of the Open-Source FTP Server
CVE-2001-0318

Currently unrated

Key Information:

Vendor: Proftpd Project
Status: Proftpd
Vendor: CVE Published:; 2 June 2001

🔔 Create Proftpd Project Vulnerability Alert

What is CVE-2001-0318?

A format string vulnerability in ProFTPD version 1.2.0rc2 allows attackers to exploit the server's handling of malformed current working directory inputs. By shutting down the FTP server, potential attackers could execute arbitrary commands, posing a significant risk to the integrity and security of systems running this software. Proper mitigation strategies, including updating to secure versions and validating inputs, are recommended to protect against such threats.

References

http://www.linux-mandrake.com/en/security/2001/MDKSA-2001...

vendor-advisoryx_refsource_MANDRAKE

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio...

vendor-advisoryx_refsource_CONECTIVA

https://exchange.xforce.ibmcloud.com/vulnerabilities/6433

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 2, 2001
Vulnerability Reserved
Apr 4, 2001

JSON