ProFTPD Multiple Remote Vulnerabilities

ProFTPD is prone to a remote stack-based buffer-overflow vulnerability and a directory-traversal vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

A remote attacker can exploit the buffer-overflow vulnerability to execute arbitrary code with SYSTEM-level privileges. Failed exploit attempts will result in a denial-of-service condition.

A remote attacker can exploit the directory-traversal vulnerability to download and upload arbitrary files outside of the FTP server root directory. This may aid in further attacks.

ProFTPD version 1.3.3 is vulnerable.


 

Copyright 2010, SecurityFocus