exploits , vulnerabilities , articles , ProFTPD Shutdown Message Format String Vulnerability

Title	ProFTPD Shutdown Message Format String Vulnerability
Published	2005-07-26-12:00AM
Updated	2005-10-04-04:25PM
Class	Input Validation Error
CVE	CAN-2005-2390
Remote	Yes
Local	No
Credit	Discovery is credited to infamous42md.
Vulnerable	Turbolinux Turbolinux Workstation 8.0 Turbolinux Turbolinux Workstation 7.0 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Server 7.0 Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Appliance Server 1.0 Workgroup Edition Trustix Secure Linux 2.2 Trustix Secure Linux 2.1 Trustix Secure Enterprise Linux 2.0 ProFTPD Project ProFTPD 1.3 .0rc1 ProFTPD Project ProFTPD 1.2.10 Debian Linux 3.1 Debian Linux 3.1 alpha Debian Linux 3.1 amd64 Debian Linux 3.1 arm Debian Linux 3.1 hppa Debian Linux 3.1 ia32 Debian Linux 3.1 ia64 Debian Linux 3.1 m68k Debian Linux 3.1 mips Debian Linux 3.1 mipsel Debian Linux 3.1 ppc Debian Linux 3.1 s/390 Debian Linux 3.1 sparc ProFTPD Project ProFTPD 1.2.9 rc3 ProFTPD Project ProFTPD 1.2.9 rc2 ProFTPD Project ProFTPD 1.2.9 rc1 ProFTPD Project ProFTPD 1.2.9 MandrakeSoft Linux Mandrake 10.0 OpenPKG OpenPKG Current OpenPKG OpenPKG 1.3 OpenPKG OpenPKG 2.0 Slackware Linux current Slackware Linux 8.1 Slackware Linux 9.0 Slackware Linux 9.1 ProFTPD Project ProFTPD 1.2.8 rc2 ProFTPD Project ProFTPD 1.2.8 rc1 ProFTPD Project ProFTPD 1.2.8 Slackware Linux current Slackware Linux 8.1 Slackware Linux 9.0 ProFTPD Project ProFTPD 1.2.7 rc3 ProFTPD Project ProFTPD 1.2.7 rc2 ProFTPD Project ProFTPD 1.2.7 rc1 ProFTPD Project ProFTPD 1.2.7 Sun Cobalt Qube 3 ProFTPD Project ProFTPD 1.2.6 ProFTPD Project ProFTPD 1.2.5 rc1 ProFTPD Project ProFTPD 1.2.5 ProFTPD Project ProFTPD 1.2.4 Debian Linux 3.0 Debian Linux 3.0 alpha Debian Linux 3.0 arm Debian Linux 3.0 hppa Debian Linux 3.0 ia32 Debian Linux 3.0 ia64 Debian Linux 3.0 m68k Debian Linux 3.0 mips Debian Linux 3.0 mipsel Debian Linux 3.0 ppc Debian Linux 3.0 s/390 Debian Linux 3.0 sparc ProFTPD Project ProFTPD 1.2.3 ProFTPD Project ProFTPD 1.2.2 rc3 ProFTPD Project ProFTPD 1.2.2 rc1 ProFTPD Project ProFTPD 1.2.2 ProFTPD Project ProFTPD 1.2.1 ProFTPD Project ProFTPD 1.2 pre9 ProFTPD Project ProFTPD 1.2 pre8 ProFTPD Project ProFTPD 1.2 pre7 ProFTPD Project ProFTPD 1.2 pre6 ProFTPD Project ProFTPD 1.2 pre5 ProFTPD Project ProFTPD 1.2 pre4 ProFTPD Project ProFTPD 1.2 pre3 ProFTPD Project ProFTPD 1.2 pre2 ProFTPD Project ProFTPD 1.2 pre11 ProFTPD Project ProFTPD 1.2 pre10 ProFTPD Project ProFTPD 1.2 pre1 ProFTPD Project ProFTPD 1.2 .0rc3 Conectiva Linux ecommerce Conectiva Linux graficas Conectiva Linux 5.0 Conectiva Linux 5.1 Conectiva Linux 6.0 Conectiva Linux 7.0 MandrakeSoft Linux Mandrake 7.2 MandrakeSoft Linux Mandrake 8.0 MandrakeSoft Linux Mandrake 8.0 ppc MandrakeSoft Linux Mandrake 8.1 MandrakeSoft Linux Mandrake 8.1 ia64 ProFTPD Project ProFTPD 1.2 .0rc2 ProFTPD Project ProFTPD 1.2 .0rc1 ProFTPD Project ProFTPD 1.2 Cobalt Qube 2.0 Cobalt Qube 3.0 Cobalt RaQ 1.1 Cobalt RaQ 2.0 Cobalt RaQ 3.0 OpenPKG OpenPKG 2.4 OpenPKG OpenPKG 2.3 OpenPKG OpenPKG Current MandrakeSoft Linux Mandrake 10.2 x86_64 MandrakeSoft Linux Mandrake 10.2 MandrakeSoft Linux Mandrake 10.1 x86_64 MandrakeSoft Linux Mandrake 10.1 MandrakeSoft Linux Mandrake 10.0 amd64 MandrakeSoft Linux Mandrake 10.0 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 Gentoo Linux Conectiva Linux 10.0
Not Vulnerable	ProFTPD Project ProFTPD 1.3 .0rc2
Code	Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: content@securitydot.net <mailto:content@securitydot.net>.
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-10 GNU Coreutils Insecure Temporary File Creation Vulnerability
2009-12-10 WebKit SVG Animation Elements User After Free Remote Code Execution Vulnerability
2009-12-10 Moodle Multiple Vulnerabilities
2009-12-10 Linux Kernel KVM Large SMP Instruction Local Denial of Service Vulnerability
2009-12-09 Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
2009-12-09 Adobe Flash Player ActiveX Control Information Disclosure Vulnerability
2009-12-09 Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
2009-12-09 HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities
2009-12-09 Shibboleth Redirection URL HTML Injection Vulnerability
2009-12-09 VLC Media Player RTSP Remote Buffer Overflow Vulnerability