CyberSec.Space Logo
Back to CVE Browser

CVE-2006-5815

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile24.02th
PublishedNov 8, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."

Affected Platforms (CPE)

πŸ“¦
Proftpd Project

Proftpd

<= 1.3.0

References & Advisories

πŸ”— http://bugs.proftpd.org/show_bug.cgi?id=2858
πŸ”— http://gleg.net/vulndisco_meta.shtml
πŸ”— http://secunia.com/advisories/22803
πŸ”— http://secunia.com/advisories/22821
πŸ”— http://secunia.com/advisories/23000
πŸ”— http://secunia.com/advisories/23069
πŸ”— http://secunia.com/advisories/23125
πŸ”— http://secunia.com/advisories/23174

Related Vulnerabilities

CVE-2003-050010.0

SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote a...

CVE-1999-036810.0

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

CVE-1999-091110.0

Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands...

CVE-2010-422110.0

Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attack...