Detections
Analytics

CVE-2006-5815

critical

Description

Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows remote attackers, probably authenticated, to cause a denial of service and execute arbitrary code, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit."

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/30147

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820

http://www.vupen.com/english/advisories/2006/4451

http://www.trustix.org/errata/2006/0070

http://www.trustix.org/errata/2006/0066/

http://www.securityfocus.com/bid/20992

http://www.securityfocus.com/archive/1/452760/100/200/threaded

http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.035-proftpd.html

http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1

http://www.mandriva.com/security/advisories?name=MDKSA-2006:217

http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml

http://www.debian.org/security/2006/dsa-1222

http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491

http://securitytracker.com/id?1017167

http://secunia.com/advisories/23207

http://secunia.com/advisories/23184

http://secunia.com/advisories/23179

http://secunia.com/advisories/23174

http://secunia.com/advisories/23125

http://secunia.com/advisories/23069

http://secunia.com/advisories/23000

http://secunia.com/advisories/22821

http://secunia.com/advisories/22803

http://gleg.net/vulndisco_meta.shtml

http://bugs.proftpd.org/show_bug.cgi?id=2858

Details

Source: Mitre, NVD

Published: 2006-11-08

Updated: 2018-10-17

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical