ProFTPD SFTP Integer Overflow vulnerability

Last Update Date: 30 Sep 2013 10:55 Release Date: 30 Sep 2013 3926 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in ProFTPD, which can be exploited by remote user can cause denial of service conditions.

A remote user can send specially crafted data to trigger an integer overflow in the sftp_kbdint_recv_response() function in 'contrib/mod_sftp/kbdint.c' and consume excessive memory resources on the target system.

Systems configured with mod_sftp and mod_sftp_pam are affected.

Impact

  • Denial of Service

System / Technologies affected

  • ProFTPd

Solutions

  • NOTE: Vulnerability has no patch available

Vulnerability Identifier

Source

Related Link

Share with

Previous

FFmpeg Multiple Vulnerabilities

26 Sep 2013 3778 Views

Next

FFmpeg Multiple Vulnerabilities

2 Oct 2013 3954 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY