CVE-2005-2390

Name of the Vulnerable Software and Affected Versions ProFTPD versions prior to 1.3.0rc2

Description The issue allows attackers to cause a denial of service or obtain sensitive information. This can be achieved via certain inputs to the shutdown message from ftpshut, or the SQLShowInfo mod sql directive.

Recommendations For versions prior to 1.3.0rc2, update to version 1.3.0rc2 or later to resolve the issue. As a temporary workaround, consider restricting access to the mod sql directive and limiting inputs to the shutdown message from ftpshut to minimize the risk of exploitation.