Filtered by vendor Proftpd
Subscribe
Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-4652 | 1 Proftpd | 1 Proftpd | 2011-03-17 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query. | |||||
CVE-2008-7265 | 1 Proftpd | 1 Proftpd | 2011-03-17 | 4.0 MEDIUM | N/A |
The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer. | |||||
CVE-2009-0543 | 1 Proftpd | 1 Proftpd | 2009-06-08 | 6.8 MEDIUM | N/A |
ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres. |