Denial of Service Vulnerability in ProFTPD by ProFTPD Development Team
CVE-2008-7265

Currently unrated

Key Information:

Vendor: Proftpd
Status: Proftpd
Vendor: CVE Published:; 9 November 2010

What is CVE-2008-7265?

The pr_data_xfer function in ProFTPD versions prior to 1.3.2rc3 is susceptible to a Denial of Service attack. Remote authenticated users can exploit this vulnerability by sending an ABOR command during active data transfers, resulting in excessive CPU consumption and degraded performance of the server.

References

http://www.debian.org/security/2011/dsa-2191

vendor-advisoryx_refsource_DEBIAN

http://bugs.proftpd.org/show_bug.cgi?id=3131

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 9, 2010
Vulnerability Reserved
Nov 9, 2010

JSON

Proftpd

What is CVE-2008-7265?

References

Timeline