Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that the transport protocol implementation in ProFTPD had weak integrity checks. An attacker could use this vulnerability to bypass security features like encryption and integrity checks. (CVE-2023-48795)
Martin Mirchev discovered that ProFTPD did not properly validate user input over the network. An attacker could use this vulnerability to crash ProFTPD or execute arbitrary code. (CVE-2023-51713)
Brian Ristuccia discovered that ProFTPD incorrectly inherited groups from the parent process. An attacker could use this vulnerability to elevate privileges. (CVE-2024-48651)
{ "availability": "No subscription required", "binaries": [ { "binary_name": "proftpd-basic", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-basic-dbgsym", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-dev", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-doc", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-geoip", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-geoip-dbgsym", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-ldap", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-ldap-dbgsym", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-mysql", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-mysql-dbgsym", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-odbc", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-odbc-dbgsym", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-pgsql", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-pgsql-dbgsym", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-snmp", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-snmp-dbgsym", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-sqlite", "binary_version": "1.3.6c-2ubuntu0.1" }, { "binary_name": "proftpd-mod-sqlite-dbgsym", "binary_version": "1.3.6c-2ubuntu0.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "proftpd-basic", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-core", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-core-dbgsym", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-dev", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-doc", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-crypto", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-crypto-dbgsym", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-geoip", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-geoip-dbgsym", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-ldap", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-ldap-dbgsym", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-mysql", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-mysql-dbgsym", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-odbc", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-odbc-dbgsym", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-pgsql", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-pgsql-dbgsym", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-snmp", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-snmp-dbgsym", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-sqlite", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-sqlite-dbgsym", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-wrap", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-wrap-dbgsym", "binary_version": "1.3.7c+dfsg-1ubuntu0.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "proftpd-core", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-core-dbgsym", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-dev", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-doc", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-crypto", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-crypto-dbgsym", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-geoip", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-geoip-dbgsym", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-ldap", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-ldap-dbgsym", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-mysql", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-mysql-dbgsym", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-odbc", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-odbc-dbgsym", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-pgsql", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-pgsql-dbgsym", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-snmp", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-snmp-dbgsym", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-sqlite", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-sqlite-dbgsym", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-wrap", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" }, { "binary_name": "proftpd-mod-wrap-dbgsym", "binary_version": "1.3.8.b+dfsg-2ubuntu1.24.10.1" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "proftpd-core", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-core-dbgsym", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-dev", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-doc", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-crypto", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-crypto-dbgsym", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-geoip", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-geoip-dbgsym", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-ldap", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-ldap-dbgsym", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-mysql", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-mysql-dbgsym", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-odbc", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-odbc-dbgsym", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-pgsql", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-pgsql-dbgsym", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-snmp", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-snmp-dbgsym", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-sqlite", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-sqlite-dbgsym", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-wrap", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" }, { "binary_name": "proftpd-mod-wrap-dbgsym", "binary_version": "1.3.8.b+dfsg-1ubuntu0.1" } ] }