Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-4652HistoryFeb 02, 2011 - 1:00 a.m.
CVE-2010-4652
2011-02-0201:00:04
Debian Security Bug Tracker
security-tracker.debian.org
30
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.256
Percentile
96.7%
Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | proftpd-dfsg | < 1.3.3a-6 | proftpd-dfsg_1.3.3a-6_all.deb |
| Debian | 11 | all | proftpd-dfsg | < 1.3.3a-6 | proftpd-dfsg_1.3.3a-6_all.deb |
| Debian | 999 | all | proftpd-dfsg | < 1.3.3a-6 | proftpd-dfsg_1.3.3a-6_all.deb |
| Debian | 13 | all | proftpd-dfsg | < 1.3.3a-6 | proftpd-dfsg_1.3.3a-6_all.deb |
Related
nessus
nessus
Fedora 13 : proftpd-1.3.3d-1.fc13 (2011-0613)
2011-01-31 00:00:00
Mandriva Linux Security Advisory : proftpd (MDVSA-2011:023)
2011-02-09 00:00:00
Fedora 14 : proftpd-1.3.3d-1.fc14 (2011-0610)
2011-01-31 00:00:00
ubuntucve
ubuntucve
CVE-2010-4652
2011-02-02 00:00:00
nvd
nvd
CVE-2010-4652
2011-02-02 01:00:04
CVE-2010-4562
2012-02-02 17:55:00
openvas
openvas
Mandriva Update for proftpd MDVSA-2011:023 (proftpd)
2011-02-11 00:00:00
Mandriva Update for proftpd MDVSA-2011:023 (proftpd)
2011-02-11 00:00:00
Fedora Update for proftpd FEDORA-2011-0610
2011-01-31 00:00:00
cvelist
cvelist
CVE-2010-4652
2011-02-02 00:00:00
CVE-2010-4562
2012-02-02 17:00:00
prion
prion
Heap overflow
2011-02-02 01:00:00
Code injection
2012-02-02 17:55:00
cve
cve
CVE-2010-4652
2011-02-02 01:00:04
CVE-2010-4562
2012-02-02 17:55:00
fedora
fedora
[SECURITY] Fedora 13 Update: proftpd-1.3.3d-1.fc13
2011-01-28 19:18:02
[SECURITY] Fedora 14 Update: proftpd-1.3.3d-1.fc14
2011-01-28 19:18:36
[SECURITY] Fedora 14 Update: proftpd-1.3.3e-1.fc14
2011-04-16 20:54:54
debian
debian
[SECURITY] [DSA 2191-1] proftpd security update
2011-03-14 18:47:59
gentoo
gentoo
ProFTPD: Multiple vulnerabilities
2013-09-24 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.256
Percentile
96.7%
Related for DEBIANCVE:CVE-2010-4652