CVE Reference: CVE-2006-5815

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-5815

Description:
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/30147

TRUSTIX
  http://www.trustix.org/errata/2006/0070
  http://www.trustix.org/errata/2006/0066/

ST
  1017167

SLACKWARE
  http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491

SAID
  Secunia Advisory: SA23069
  Secunia Advisory: SA23125
  Secunia Advisory: SA23000
  Secunia Advisory: SA22803
  Secunia Advisory: SA22821
  Secunia Advisory: SA23174
  Secunia Advisory: SA23179
  Secunia Advisory: SA23184
  Secunia Advisory: SA23207

OPENPKG
  http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.035-proftpd.html

MISC
  http://gleg.net/vulndisco_meta.shtml

MANDRIVA
  http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:217
  http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml

DEBIAN
  http://www.debian.org/security/2006/dsa-1222

CONFIRM
  http://bugs.proftpd.org/show_bug.cgi?id=2858

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/452760/100/200/threaded

BID
  20992


Return to the previous page.