BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
CVE-2006-5815: remote code execution in ProFTPD Nov 27 2006 04:37PM
John Morrissey (jwm proftpd org)
=======
Summary
=======

On 6 November 2006, Evgeny Legerov <admin (at) gleg (dot) net [email concealed]> posted to BUGTRAQ[1],
announcing his commercial VulnDisco Pack for Metasploit 2.7[2]. One of the
included exploits, vd_proftpd.pm, takes advantage of an off-by-one string
manipulation flaw in ProFTPD's sreplace() function t...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus