PT-2005-5477 · Proftpd · Proftpd

Martin Loewer · Published 2005-12-31 · Updated 2008-09-05 · CVE-2005-4816

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

ProFTPD versions prior to 1.3.0rc2

Description

The issue is a buffer overflow in the mod_radius module, which remote attackers can trigger with a long password. This can cause a denial of service (crash) and potentially allow the execution of arbitrary code.

Recommendations

For versions prior to 1.3.0rc2, update to version 1.3.0rc2 or later to resolve the issue. As a temporary workaround, consider restricting access to the mod_radius module to minimize the risk of exploitation.

Fix


Related Identifiers

CVE-2005-4816
DSA-1245-1

Affected Products

Proftpd