FreeBSD : proftpd -- Remote Code Execution Vulnerability (cca97f5f-7435-11db-91de-0008743bf21a)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

FrSIRT reports :

A vulnerability has been identified in ProFTPD, which could be
exploited by attackers to cause a denial of service or execute
arbitrary commands. This flaw is due to a buffer overflow error in the
'main.c' file where the 'cmd_buf_size' size of the buffer used to
handle FTP commands sent by clients is not properly set to the size
configured via the 'CommandBufferSize' directive, which could be
exploited by attackers to compromise a vulnerable server via a
specially crafted FTP command.

See also :

Solution :

Update the affected packages.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 23667 (freebsd_pkg_cca97f5f743511db91de0008743bf21a.nasl)

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now