CVE-2013-4359

Name of the Vulnerable Software and Affected Versions ProFTPD versions 1.3.4d through 1.3.5r3

Description The issue is related to an integer overflow in the mod sftp module of ProFTPD. This occurs when a large response count value is sent in an authentication request, causing excessive memory allocation and leading to a denial of service due to memory consumption.

Recommendations For ProFTPD versions 1.3.4d through 1.3.5r3, consider restricting access to the mod sftp module to minimize the risk of exploitation until a patch is available. As a temporary workaround, limiting the size of authentication requests could help mitigate the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.