PT-2025-5877 · Proftpd+3

Br1M4Zz · Published 2025-02-06 · Updated 2025-08-29 · CVE-2024-57392

CVSS v2.0: 7.8 High

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: Proftpd version 4017eff8

Description: The issue allows a remote attacker to execute arbitrary code and can cause a Denial of Service (DoS) on the FTP service by sending a maliciously crafted message to the ProFTPD service port.

Recommendations: For Proftpd version 4017eff8, consider disabling the service until a patch is available to prevent potential exploitation. Restrict access to the ProFTPD service port to minimize the risk of exploitation. Avoid using the ProFTPD service for critical operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Buffer Overflow


Weakness Enumeration

Related Identifiers

BDU:2025-10684
CVE-2024-57392
DLA-4077-1
MGASA-2025-0081
OESA-2025-2022
OESA-2025-2023
OESA-2025-2024
OESA-2025-2025
OESA-2025-2026
OESA-2025-2083
OPENSUSE-SU-2025:14827-1
OPENSUSE-SU-2025_1028-1
SUSE-SU-2025:1028-1

Affected Products

Debian
Proftpd
Red Os
Suse