icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

ProFTPd ASCII Newline Character Overflow

High

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running a version of ProFTPd which seems to be vulnerable to a buffer overflow when a user downloads a malformed ASCII file. An attacker with upload privileges on this host may abuse this flaw to gain a root shell on this host.

Solution

Upgrade to ProFTPd 1.2.9 or 1.2.8p or higher.