ProFTPD Response Pool Use-After-Free Vulnerability
Last Update Date:
14 Nov 2011
Release Date:
11 Nov 2011
5860
Views
RISK: Medium Risk
TYPE: Servers - Internet App Servers
A vulnerability has been identified in ProFTPD, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a use-after-free error when handling response pool allocation lists and can be exploited to corrupt memory.
Successful exploitation may allow execution of arbitrary code.
Impact
- Remote Code Execution
System / Technologies affected
- ProFTPD 1.3.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 1.3.3g or 1.3.4.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with