proftpd

• Author: voroskoi
• Vulnerable: 1.3.0-2siwenna1
• Unaffected: 1.3.0-3siwenna1

Evgeny Legerov has reported a vulnerability in ProFTPD, which potentially can be exploited by malicious user’s to compromise a vulnerable system. The vulnerability is caused due to an off-by-one error within the “sreplace()” function in src/support.c. This can be exploited to cause a buffer overflow by e.g. uploading a malicious “.message” file or sending specially crafted commands to the server. Successful exploitation may allow execution of arbitrary code.

• Bug Tracker URL: http://bugs.frugalware.org/task/1461

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815