ProFTPD Denial Of Service Vulnerability Network Vulnerability

Summary

The host is running ProFTPD and is prone to denial of service vulnerability.

Impact

Successful exploitation will allow attackers to cause a denial of service. Impact Level: Application

Solution

Upgrade to ProFTPD version 1.3.2rc3 or later, For updates refer to http://www.proftpd.org/

Insight

The flaw is due to an error in 'pr_data_xfer()' function which allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.

Affected

ProFTPD versions prior to 1.3.2rc3

References

http://bugs.proftpd.org/show_bug.cgi?id=3131

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-7265
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:N/A:P

Related Vulnerabilities

War FTP Daemon Directory Traversal
Titan FTP Server directory traversal
NiteServer FTP directory traversal
SmartFTP Client Information Disclosure Vulnerability
ProFTPD Denial of Service Vulnerability

Take action and discover your vulnerabilities