This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The remote FTP server is affected by a local buffer overflow
The remote host is using ProFTPD, a free FTP server for Unix and
According to its banner, the version of ProFTPD installed on the
remote host is earlier than 1.3.1rc1 and is affected by a local,
stack-based buffer overflow. The function 'pr_ctrls_recv_request' in
the file 'src/ctrls.c' belonging to the 'mod_ctrls' module does not
properly handle large values in the 'reqarglen' parameter.
This error can allow a local attacker to execute arbitrary code.
See also :
Upgrade to ProFTPD version 1.3.1rc1 or later.
Risk factor :
Medium / CVSS Base Score : 6.6
CVSS Temporal Score : 5.5
Public Exploit Available : true