← voltar
CVE-2010-4221

CVE-2010-4221

EPSS 91.3%
Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.
Produtos afetados
n/a · n/a
PoCs públicas encontradas5
githubgithub.com/M41doror/cve-2010-42212githubgithub.com/Mafiosohack/Offensive-lab-20exploitdbwww.exploit-db.com/exploits/16878não verificadoexploitdbwww.exploit-db.com/exploits/16851não verificadoexploitdbwww.exploit-db.com/exploits/15449não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://bugs.proftpd.org/show_bug.cgi?id=3521http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050687.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/050703.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/050726.htmlhttp://secunia.com/advisories/42052http://secunia.com/advisories/42217http://www.mandriva.com/security/advisories?name=MDVSA-2010:227http://www.proftpd.org/docs/NEWS-1.3.3chttp://www.securityfocus.com/bid/44562http://www.vupen.com/english/advisories/2010/2941http://www.vupen.com/english/advisories/2010/2959http://www.vupen.com/english/advisories/2010/2962