CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2010-4221

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0130%
EPSS Percentile36.61th
Published2010年11月9日
Last Modified2026年4月29日

Vulnerability Description

Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.

Affected Platforms (CPE)

📦
Proftpd

Proftpd

= 1.3.2
📦
Proftpd

Proftpd

= 1.3.2
📦
Proftpd

Proftpd

= 1.3.2
📦
Proftpd

Proftpd

= 1.3.2
📦
Proftpd

Proftpd

= 1.3.2
📦
Proftpd

Proftpd

= 1.3.2
📦
Proftpd

Proftpd

= 1.3.2
📦
Proftpd

Proftpd

= 1.3.2
📦
Proftpd

Proftpd

= 1.3.3
📦
Proftpd

Proftpd

= 1.3.3
📦
Proftpd

Proftpd

= 1.3.3
📦
Proftpd

Proftpd

= 1.3.3
📦
Proftpd

Proftpd

= 1.3.3
📦
Proftpd

Proftpd

= 1.3.3
📦
Proftpd

Proftpd

= 1.3.3

References & Advisories

🔗 http://bugs.proftpd.org/show_bug.cgi?id=3521
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050687.html
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050703.html
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050726.html
🔗 http://secunia.com/advisories/42052
🔗 http://secunia.com/advisories/42217
🔗 http://www.mandriva.com/security/advisories?name=MDVSA-2010:227
🔗 http://www.proftpd.org/docs/NEWS-1.3.3c

相關漏洞威脅

CVE-2003-050010.0

SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote a...

CVE-1999-036810.0

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

CVE-1999-091110.0

Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands...

CVE-2006-581510.0

Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated,...