Detections
Analytics
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 8.1 / 9.0 / 9.1 : proftpd (SSA:2006-335-02)
critical Nessus Plugin ID 24660
Synopsis
The remote Slackware host is missing a security update.Description
New proftpd packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues.Solution
Update the affected proftpd package.See Also
Plugin Details
Severity: Critical
ID: 24660
File Name: Slackware_SSA_2006-335-02.nasl
Version: 1.17
Type: local
Family: Slackware Local Security Checks
Published: 2/18/2007
Updated: 1/14/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:slackware:slackware_linux:proftpd, cpe:/o:slackware:slackware_linux:10.0, cpe:/o:slackware:slackware_linux:10.1, cpe:/o:slackware:slackware_linux:10.2, cpe:/o:slackware:slackware_linux:11.0, cpe:/o:slackware:slackware_linux:8.1, cpe:/o:slackware:slackware_linux:9.0, cpe:/o:slackware:slackware_linux:9.1
Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/1/2006
Vulnerability Publication Date: 10/5/2006
Exploitable With
Metasploit (ProFTPD 1.2 - 1.3.0 sreplace Buffer Overflow (Linux))
Reference Information
CVE: CVE-2006-5815, CVE-2006-6170, CVE-2006-6171
BID: 20992
CWE: 119
SSA: 2006-335-02