ID:4486 - Exploit for Input validation error in ProFTPD - CVE-2011-1137

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:4486 - Exploit for Input validation error in ProFTPD - CVE-2011-1137

ID:4486 - Exploit for Input validation error in ProFTPD - CVE-2011-1137

Published: August 11, 2020


Vulnerability identifier: #VU45231
Vulnerability risk: Medium
CVE-ID: CVE-2011-1137
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
ProFTPD

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.


Remediation

Install update from vendor's website.