Multiple format string vulnerabilities in ProFTPD by ProFTPD Project
CVE-2005-2390

Currently unrated

Key Information:

Vendor: Proftpd Project
Status: Proftpd
Vendor: CVE Published:; 27 July 2005

🔔 Create Proftpd Project Vulnerability Alert

What is CVE-2005-2390?

ProFTPD versions prior to 1.3.0rc2 are susceptible to multiple format string vulnerabilities that can be exploited by attackers. These vulnerabilities can lead to a denial of service or unauthorized access to sensitive information. Exploitation occurs through specific inputs to the shutdown message during ftpshut operations or by manipulating the SQLShowInfo directive in mod_sql. It is crucial to update to a secure version to safeguard against these risks.

References

http://marc.info/?l=bugtraq&m=112604373503912&w=2

vendor-advisoryx_refsource_OPENPKG

http://www.securityfocus.com/bid/14381

vdb-entryx_refsource_BID

http://www.securityfocus.com/bid/14380

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jul 27, 2005
Vulnerability Reserved
Jul 27, 2005

JSON