CVE-2006-6563

Exploit

EPSS 0.24%
Veröffentlicht 15.12.2006 11:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 20

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Proftpd Project ≫ Proftpd Version1.3.0

Proftpd Project ≫ Proftpd Version1.3.0a

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.24%	0.474

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.6	2.7	10	AV:L/AC:M/Au:S/C:C/I:C/A:C

http://www.trustix.org/errata/2006/0074/

http://secunia.com/advisories/23371

Patch

Vendor Advisory

Exploit

http://secunia.com/advisories/23392

http://secunia.com/advisories/23473

http://secunia.com/advisories/24163

http://security.gentoo.org/glsa/glsa-200702-02.xml

http://www.coresecurity.com/?module=ContentMod&action=item&id=1594

Patch

Exploit

http://www.mandriva.com/security/advisories?name=MDKSA-2006:232

http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.039.html

http://www.proftpd.org/docs/NEWS-1.3.1rc1

http://www.securityfocus.com/archive/1/454320/100/0/threaded

http://www.securityfocus.com/archive/1/460648/100/0/threaded

http://www.securityfocus.com/archive/1/460756/100/0/threaded

http://www.securityfocus.com/bid/21587

Patch

Exploit

http://www.vupen.com/english/advisories/2006/4998

https://exchange.xforce.ibmcloud.com/vulnerabilities/30906

https://www.exploit-db.com/exploits/3330

https://nvd.nist.gov/vuln/detail/CVE-2006-6563

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-6563

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-6563

EUVD