| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-12815 | 7.5 |
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
|
01-03-2023 - 16:39 | 19-07-2019 - 23:15 | |
| CVE-2019-19269 | 4.0 |
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrato
|
13-01-2020 - 22:15 | 30-11-2019 - 23:15 | |
| CVE-2019-19270 | 5.0 |
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken in
|
13-01-2020 - 22:15 | 26-11-2019 - 04:15 | |
| CVE-2019-18217 | 5.0 |
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
|
27-10-2019 - 21:15 | 21-10-2019 - 04:15 | |
| CVE-2017-7418 | 2.1 |
ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlin
|
08-08-2019 - 15:15 | 04-04-2017 - 17:59 |