CVE-2006-6563
published 2006-12-15

Priority P337, medium, 6.6 (CVSS 2.0)
AV:L/AC:M/Au:S/C:C/I:C/A:C
EXPLOIT
EPSS: 2.30% (81.1th percentile)
Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.

Affected

3 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | proftpd-dfsg | < proftpd-dfsg 1.3.0-17 (bookworm) | proftpd-dfsg 1.3.0-17 (bookworm) |
| proftpd_project | proftpd | | |
| proftpd_project | proftpd | | |

CVSS provenance

nvd: v2.0, 6.6 MEDIUM, AV:L/AC:M/Au:S/C:C/I:C/A:C
osv: 6.6 MEDIUM
vendor_debian: 6.6 MEDIUM