CVE-2013-4359

Related Files

Mandriva Linux Security Advisory 2013-245

Posted Oct 3, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-245 - Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow

systems | linux, mandriva

advisories | CVE-2013-4359

SHA-256 | e4f9f86ca1ec517a8ee256a4c2d1c6b5b638a8a2f18528122bb728d1c874c6cd

Download | Favorite | View

Debian Security Advisory 2767-1

Posted Sep 30, 2013

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2767-1 - Kingcope discovered that the mod_sftp and mod_sftp_pam modules of proftpd, a powerful modular FTP/SFTP/FTPS server, are not properly validating input, before making pool allocations. An attacker can use this flaw to conduct denial of service attacks against the system running proftpd (resource exhaustion).

tags | advisory, denial of service

systems | linux, debian

advisories | CVE-2013-4359

SHA-256 | c168f2c8db8e3b37fe841ca599eabc5bfb2e009d8d467c911111d28986bd4846

Download | Favorite | View

Gentoo Linux Security Advisory 201309-15

Posted Sep 24, 2013

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-15 - Multiple vulnerabilities have been found in ProFTPD, the worst of which leading to remote execution of arbitrary code. Versions less than 1.3.4d are affected.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2009-3555, CVE-2010-3867, CVE-2010-4221, CVE-2010-4652, CVE-2011-1137, CVE-2011-4130, CVE-2012-6095, CVE-2013-4359

SHA-256 | 791bb06b4102a706095adc46d590ae0b5ea0a225e56966180f59fa840c1de6d2

Download | Favorite | View