Main Vulnerability Database SB2011031819

SB2011031819 - Resource management error in ProFTPD

Published: March 18, 2011 Updated: June 23, 2025

Security Bulletin ID SB2011031819

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2008-7265)

The vulnerability allows a remote user to perform service disruption.

The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.

Remediation

Install update from vendor's website.

References

http://bugs.proftpd.org/show_bug.cgi?id=3131
http://www.debian.org/security/2011/dsa-2191