CyberSec.Space Logo
CVEブラウザに戻る

CVE-2006-5815

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile24.02th
Published2006年11月8日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."

Affected Platforms (CPE)

📦
Proftpd Project

Proftpd

<= 1.3.0

References & Advisories

🔗 http://bugs.proftpd.org/show_bug.cgi?id=2858
🔗 http://gleg.net/vulndisco_meta.shtml
🔗 http://secunia.com/advisories/22803
🔗 http://secunia.com/advisories/22821
🔗 http://secunia.com/advisories/23000
🔗 http://secunia.com/advisories/23069
🔗 http://secunia.com/advisories/23125
🔗 http://secunia.com/advisories/23174

関連する脆弱性情報

CVE-2003-050010.0

SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote a...

CVE-1999-036810.0

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

CVE-1999-091110.0

Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands...

CVE-2010-422110.0

Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attack...