Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-4130
HistoryDec 06, 2011 - 12:00 a.m.

CVE-2011-4130

2011-12-0600:00:00
ubuntu.com
ubuntu.com
38

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.4%

JSON

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g
allows remote authenticated users to execute arbitrary code via vectors
involving an error that occurs after an FTP data transfer.

Notes

Author Note
jdstrand 1.3.1 is known not to be affected (see DSA-2346-1) DSA-2346-1 introduced a regression code not affected in 11.10 per udienz

Related

openvas 18
nvd 1
seebug 2
nessus 10
securityvulns 2
slackware 1
fedora 4
prion 1
debiancve 1
cvelist 1
cve 1
debian 1
osv 2
gentoo 1
openvas
openvas
Mandriva Update for proftpd MDVSA-2011:181 (proftpd)
2011-12-09 00:00:00
Debian Security Advisory DSA 2346-2 (proftpd-dfsg)
2012-02-11 00:00:00
Fedora Update for proftpd FEDORA-2011-15765
2012-04-02 00:00:00
nvd
nvd
CVE-2011-4130
2011-12-06 11:55:06
seebug
seebug
ProFTPD Prior To 1.3.3g Use-After-Free θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2011-12-02 00:00:00
ProFTPDε“εΊ”ζ± ι‡Šζ”ΎεŽι‡η”¨δ»£η ζ‰§θ‘ŒζΌζ΄ž
2011-12-07 00:00:00
nessus
nessus
ProFTPD < 1.3.3g / 1.3.4 Response Pool Use-After-Free Code Execution
2011-11-28 00:00:00
Mandriva Linux Security Advisory : proftpd (MDVSA-2011:181)
2011-12-08 00:00:00
openSUSE Security Update : proftpd (openSUSE-2011-19)
2014-06-13 00:00:00
securityvulns
securityvulns
ProFTPD memory corruption
2011-11-21 00:00:00
[SECURITY] [DSA 2346-1] proftpd-dfsg security update
2011-11-21 00:00:00
slackware
slackware
[slackware-security] proftpd
2012-02-10 17:44:44
fedora
fedora
[SECURITY] Fedora 16 Update: proftpd-1.3.4-1.fc16
2011-11-19 05:59:54
[SECURITY] Fedora 15 Update: proftpd-1.3.4-1.fc15
2011-11-19 06:08:44
[SECURITY] Fedora 16 Update: proftpd-1.3.4b-5.fc16
2013-01-30 00:31:45
prion
prion
Design/Logic Flaw
2011-12-06 11:55:00
debiancve
debiancve
CVE-2011-4130
2011-12-06 11:55:06
cvelist
cvelist
CVE-2011-4130
2011-12-06 11:00:00
cve
cve
CVE-2011-4130
2011-12-06 11:55:06
debian
debian
[SECURITY] [DSA 2346-1] proftpd-dfsg security update
2011-11-15 20:39:09
osv
osv
proftpd-dfsg - several
2011-11-16 00:00:00
proftpd-dfsg - several
2011-11-16 00:00:00
gentoo
gentoo
ProFTPD: Multiple vulnerabilities
2013-09-24 00:00:00

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.4%

JSON
Related for UB:CVE-2011-4130
openvas18nvd1seebug2nessus10securityvulns2slackware1fedora4prion1debiancve1cvelist1cve1debian1osv2gentoo1