PT-2001-1370 · Proftpd · Proftpd

Published: 2001-03-12 · Updated: 2024-01-26 · CVE-2001-0136

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions: ProFTPd version 1.2.0rc2
Description: The issue allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
Recommendations: For ProFTPd version 1.2.0rc2, consider restricting access to the USER and SIZE commands as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Memory Leak

Weakness Enumeration

Related Identifiers: CVE-2001-0136

Affected Products: Proftpd