6.6

CVE-2006-6563

Exploit
Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Proftpd ProjectProftpd Version1.3.0
Proftpd ProjectProftpd Version1.3.0a
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.3% 0.81
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.6 2.7 10
AV:L/AC:M/Au:S/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.trustix.org/errata/2006/0074/
http://secunia.com/advisories/23371
Patch
Vendor Advisory
Exploit
http://secunia.com/advisories/23392
http://secunia.com/advisories/23473
http://secunia.com/advisories/24163
http://security.gentoo.org/glsa/glsa-200702-02.xml
http://www.coresecurity.com/?module=ContentMod&action=item&id=1594
Patch
Exploit
http://www.mandriva.com/security/advisories?name=MDKSA-2006:232
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.039.html
http://www.proftpd.org/docs/NEWS-1.3.1rc1
http://www.securityfocus.com/archive/1/454320/100/0/threaded
http://www.securityfocus.com/archive/1/460648/100/0/threaded
http://www.securityfocus.com/archive/1/460756/100/0/threaded
http://www.securityfocus.com/bid/21587
Patch
Exploit
http://www.vupen.com/english/advisories/2006/4998
https://exchange.xforce.ibmcloud.com/vulnerabilities/30906
https://www.exploit-db.com/exploits/3330