CVE-2005-2390

3 documents3 sources

Severity

6.4MEDIUM

EPSS

1.2%

top 20.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Proftpd Project Proftpd

Timeline

PublishedJul 27

Latest updateMay 1

Description

Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via (1) certain inputs to the shutdown message from ftpshut, or (2) the SQLShowInfo mod_sql directive.

CVSS vector

AV:N/AC:L/C:P/I:N/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

▶NVDproftpd_project/proftpd37 versions+36

🔴Vulnerability Details

GHSA

GHSA-mxr8-fr7q-582m: Multiple format string vulnerabilities in ProFTPD before 1↗2022-05-01

▶

CVEList

CVE-2005-2390: Multiple format string vulnerabilities in ProFTPD before 1↗2005-07-27

▶