ProFTPD Multiple Remote Overflows (palmetto)

Critical Nessus Plugin ID 10464


Arbitrary code may be run on the remote server.


The remote ProFTPd server is running a 1.2.0preN version.

All the 1.2.0preN versions contain several security flaws that allow an attacker to execute arbitrary code on this host.


Upgrade to a fixed FTP server -

Plugin Details

Severity: Critical

ID: 10464

File Name: proftpd_pre10.nasl

Version: $Revision: 1.23 $

Type: remote

Family: FTP

Published: 2000/07/15

Modified: 2011/12/05

Dependencies: 10092

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 9.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:proftpd:proftpd

Required KB Items: ftp/proftpd

Patch Publication Date: 1999/01/27

Vulnerability Publication Date: 1999/02/09

Reference Information

CVE: CVE-1999-0368

BID: 2242

OSVDB: 9163