CVE-2008-7265

Severity

40%

Complexity

80%

Confidentiality

48%

The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.

The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.

CVSS 2.0 Base Score 4. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P).

Overview

Type

ProFTPD

First reported 14 years ago

2010-11-09 21:00:00

Last updated 14 years ago

2011-03-18 02:35:00

Affected Software

ProFTPD 1.2.0

1.2.0

ProFTPD 1.2.0pre10

1.2.0

ProFTPD 1.2.0pre9

1.2.0

ProFTPD 1.2.0 release candidate 1

1.2.0

ProFTPD 1.2.0 release candidate 2

1.2.0

ProFTPD 1.2.0 release candidate 3

1.2.0

ProFTPD 1.2.1

1.2.1

ProFTPD 1.2.2

1.2.2

ProFTPD 1.2.2 release candidate 1

1.2.2

ProFTPD 1.2.2 release candidate 2

1.2.2

ProFTPD 1.2.2 release candidate 3

1.2.2

ProFTPD 1.2.3

1.2.3

ProFTPD 1.2.4

1.2.4

ProFTPD 1.2.5

1.2.5

ProFTPD 1.2.5 release candidate 1

1.2.5

ProFTPD 1.2.5 release candidate 2

1.2.5

ProFTPD 1.2.5 release candidate 3

1.2.5

ProFTPD 1.2.6

1.2.6

ProFTPD 1.2.6 release candidate 1

1.2.6

ProFTPD 1.2.6 release candidate 2

1.2.6

ProFTPD 1.2.7

1.2.7

ProFTPD 1.2.7 release candidate 1

1.2.7

ProFTPD 1.2.7 release candidate 2

1.2.7

ProFTPD 1.2.7 release candidate 3

1.2.7

ProFTPD 1.2.8

1.2.8

ProFTPD 1.2.8 release candidate 1

1.2.8

ProFTPD 1.2.8 release candidate 2

1.2.8

ProFTPD 1.2.9

1.2.9

ProFTPD 1.2.9 release candidate 1

1.2.9

ProFTPD 1.2.9 release candidate 2

1.2.9

ProFTPD 1.2.9 release candidate 3

1.2.9

ProFTPD 1.2.10

1.2.10

ProFTPD 1.2.10 release candidate 1

1.2.10

ProFTPD 1.2.10 release candidate 2

1.2.10

ProFTPD 1.2.10 release candidate 3

1.2.10

ProFTPD 1.3.0

1.3.0

ProFTPD 1.3.0a

1.3.0

ProFTPD 1.3.0 release candidate 1

1.3.0

ProFTPD 1.3.0 release candidate 2

1.3.0

ProFTPD 1.3.0 release candidate 3

1.3.0

ProFTPD 1.3.0 release candidate 4

1.3.0

ProFTPD 1.3.0 release candidate 5

1.3.0

ProFTPD 1.3.1

1.3.1

ProFTPD 1.3.1 release candidate 1

1.3.1

ProFTPD 1.3.1 release candidate 2

1.3.1

ProFTPD 1.3.1 release candidate 3

1.3.1

ProFTPD 1.3.2 release candidate 1

1.3.2

References

http://bugs.proftpd.org/show_bug.cgi?id=3131

Patch

DSA-2191

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.