Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-y3j2-e8hq-w3em
Summary
Multiple vulnerabilities have been found in ProFTPD, the worst of
    which leading to remote execution of arbitrary code.
Aliases
0
alias CVE-2010-4221
Fixed_packages
0
url pkg:deb/debian/proftpd-dfsg@1.3.3a-5?distro=trixie
purl pkg:deb/debian/proftpd-dfsg@1.3.3a-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.3a-5%3Fdistro=trixie
1
url pkg:deb/debian/proftpd-dfsg@1.3.3a-6squeeze7
purl pkg:deb/debian/proftpd-dfsg@1.3.3a-6squeeze7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17q4-65b3-mbbg
1
vulnerability VCID-6kef-2azs-xugx
2
vulnerability VCID-6zv5-sn2d-ffa6
3
vulnerability VCID-73rz-xdrz-ryez
4
vulnerability VCID-8yrv-hee2-9qdc
5
vulnerability VCID-c26f-t6bh-fkc6
6
vulnerability VCID-cbu1-85d6-5bhz
7
vulnerability VCID-fn5e-rmve-c3f4
8
vulnerability VCID-gw9f-rc1s-8udd
9
vulnerability VCID-jczb-y4fh-xucn
10
vulnerability VCID-jxke-yeum-8fh2
11
vulnerability VCID-jzn6-bzzf-nugp
12
vulnerability VCID-n5dr-ejmr-2ug9
13
vulnerability VCID-pcah-e3hh-gbd7
14
vulnerability VCID-r4vc-yu6n-kkhe
15
vulnerability VCID-tc5c-pyzn-ekh1
16
vulnerability VCID-u7k3-9pb6-nqa8
17
vulnerability VCID-wwz1-zb24-7qgy
18
vulnerability VCID-xeeh-rpu9-63g6
19
vulnerability VCID-xmjm-ep49-1uh2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.3a-6squeeze7
2
url pkg:deb/debian/proftpd-dfsg@1.3.7a%2Bdfsg-12%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/proftpd-dfsg@1.3.7a%2Bdfsg-12%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.7a%252Bdfsg-12%252Bdeb11u2%3Fdistro=trixie
3
url pkg:deb/debian/proftpd-dfsg@1.3.8%2Bdfsg-4%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/proftpd-dfsg@1.3.8%2Bdfsg-4%2Bdeb12u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gw9f-rc1s-8udd
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.8%252Bdfsg-4%252Bdeb12u4%3Fdistro=trixie
4
url pkg:deb/debian/proftpd-dfsg@1.3.8.c%2Bdfsg-4%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/proftpd-dfsg@1.3.8.c%2Bdfsg-4%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.8.c%252Bdfsg-4%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4?distro=trixie
purl pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.9~dfsg-4%3Fdistro=trixie
6
url pkg:ebuild/net-ftp/proftpd@1.3.4d
purl pkg:ebuild/net-ftp/proftpd@1.3.4d
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/net-ftp/proftpd@1.3.4d
Affected_packages
0
url pkg:deb/debian/proftpd-dfsg@1.3.0-19
purl pkg:deb/debian/proftpd-dfsg@1.3.0-19
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17q4-65b3-mbbg
1
vulnerability VCID-1hz3-91g9-6baf
2
vulnerability VCID-55bs-th2b-cbfy
3
vulnerability VCID-6kef-2azs-xugx
4
vulnerability VCID-6zv5-sn2d-ffa6
5
vulnerability VCID-73rz-xdrz-ryez
6
vulnerability VCID-8yrv-hee2-9qdc
7
vulnerability VCID-bgf6-swz8-j7bt
8
vulnerability VCID-c26f-t6bh-fkc6
9
vulnerability VCID-cbu1-85d6-5bhz
10
vulnerability VCID-fn5e-rmve-c3f4
11
vulnerability VCID-gskk-nnr5-ukac
12
vulnerability VCID-gw9f-rc1s-8udd
13
vulnerability VCID-jczb-y4fh-xucn
14
vulnerability VCID-jxke-yeum-8fh2
15
vulnerability VCID-jzn6-bzzf-nugp
16
vulnerability VCID-n5dr-ejmr-2ug9
17
vulnerability VCID-pcah-e3hh-gbd7
18
vulnerability VCID-r4vc-yu6n-kkhe
19
vulnerability VCID-s84k-unmk-ubgt
20
vulnerability VCID-tc5c-pyzn-ekh1
21
vulnerability VCID-u7k3-9pb6-nqa8
22
vulnerability VCID-u8pb-1kgt-z3fp
23
vulnerability VCID-v1n2-dgwq-6bgh
24
vulnerability VCID-v3k9-71y7-e7bu
25
vulnerability VCID-wwz1-zb24-7qgy
26
vulnerability VCID-xeeh-rpu9-63g6
27
vulnerability VCID-xmjm-ep49-1uh2
28
vulnerability VCID-y3j2-e8hq-w3em
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.0-19
1
url pkg:deb/debian/proftpd-dfsg@1.3.0-19etch3
purl pkg:deb/debian/proftpd-dfsg@1.3.0-19etch3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17q4-65b3-mbbg
1
vulnerability VCID-1hz3-91g9-6baf
2
vulnerability VCID-55bs-th2b-cbfy
3
vulnerability VCID-6kef-2azs-xugx
4
vulnerability VCID-6zv5-sn2d-ffa6
5
vulnerability VCID-73rz-xdrz-ryez
6
vulnerability VCID-8yrv-hee2-9qdc
7
vulnerability VCID-bgf6-swz8-j7bt
8
vulnerability VCID-c26f-t6bh-fkc6
9
vulnerability VCID-cbu1-85d6-5bhz
10
vulnerability VCID-fn5e-rmve-c3f4
11
vulnerability VCID-gskk-nnr5-ukac
12
vulnerability VCID-gw9f-rc1s-8udd
13
vulnerability VCID-jczb-y4fh-xucn
14
vulnerability VCID-jxke-yeum-8fh2
15
vulnerability VCID-jzn6-bzzf-nugp
16
vulnerability VCID-n5dr-ejmr-2ug9
17
vulnerability VCID-pcah-e3hh-gbd7
18
vulnerability VCID-r4vc-yu6n-kkhe
19
vulnerability VCID-s84k-unmk-ubgt
20
vulnerability VCID-tc5c-pyzn-ekh1
21
vulnerability VCID-u7k3-9pb6-nqa8
22
vulnerability VCID-u8pb-1kgt-z3fp
23
vulnerability VCID-v1n2-dgwq-6bgh
24
vulnerability VCID-v3k9-71y7-e7bu
25
vulnerability VCID-wwz1-zb24-7qgy
26
vulnerability VCID-xeeh-rpu9-63g6
27
vulnerability VCID-xmjm-ep49-1uh2
28
vulnerability VCID-y3j2-e8hq-w3em
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.0-19etch3
2
url pkg:deb/debian/proftpd-dfsg@1.3.1-17lenny9
purl pkg:deb/debian/proftpd-dfsg@1.3.1-17lenny9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-17q4-65b3-mbbg
1
vulnerability VCID-1hz3-91g9-6baf
2
vulnerability VCID-55bs-th2b-cbfy
3
vulnerability VCID-6kef-2azs-xugx
4
vulnerability VCID-6zv5-sn2d-ffa6
5
vulnerability VCID-73rz-xdrz-ryez
6
vulnerability VCID-8yrv-hee2-9qdc
7
vulnerability VCID-bgf6-swz8-j7bt
8
vulnerability VCID-c26f-t6bh-fkc6
9
vulnerability VCID-cbu1-85d6-5bhz
10
vulnerability VCID-fn5e-rmve-c3f4
11
vulnerability VCID-gw9f-rc1s-8udd
12
vulnerability VCID-jczb-y4fh-xucn
13
vulnerability VCID-jxke-yeum-8fh2
14
vulnerability VCID-jzn6-bzzf-nugp
15
vulnerability VCID-n5dr-ejmr-2ug9
16
vulnerability VCID-pcah-e3hh-gbd7
17
vulnerability VCID-r4vc-yu6n-kkhe
18
vulnerability VCID-s84k-unmk-ubgt
19
vulnerability VCID-tc5c-pyzn-ekh1
20
vulnerability VCID-u7k3-9pb6-nqa8
21
vulnerability VCID-u8pb-1kgt-z3fp
22
vulnerability VCID-v3k9-71y7-e7bu
23
vulnerability VCID-wwz1-zb24-7qgy
24
vulnerability VCID-xeeh-rpu9-63g6
25
vulnerability VCID-xmjm-ep49-1uh2
26
vulnerability VCID-y3j2-e8hq-w3em
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/proftpd-dfsg@1.3.1-17lenny9
References
0
reference_url http://bugs.proftpd.org/show_bug.cgi?id=3521
reference_id
reference_type
scores
url http://bugs.proftpd.org/show_bug.cgi?id=3521
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050687.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050687.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050703.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050703.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050726.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050726.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-4221
reference_id
reference_type
scores
0
value 0.91093
scoring_system epss
scoring_elements 0.9964
published_at 2026-04-04T12:55:00Z
1
value 0.91093
scoring_system epss
scoring_elements 0.99639
published_at 2026-04-02T12:55:00Z
2
value 0.91093
scoring_system epss
scoring_elements 0.99642
published_at 2026-04-11T12:55:00Z
3
value 0.91093
scoring_system epss
scoring_elements 0.99643
published_at 2026-04-13T12:55:00Z
4
value 0.91093
scoring_system epss
scoring_elements 0.99644
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-4221
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4221
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4221
6
reference_url http://secunia.com/advisories/42052
reference_id
reference_type
scores
url http://secunia.com/advisories/42052
7
reference_url http://secunia.com/advisories/42217
reference_id
reference_type
scores
url http://secunia.com/advisories/42217
8
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2010:227
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2010:227
9
reference_url http://www.proftpd.org/docs/NEWS-1.3.3c
reference_id
reference_type
scores
url http://www.proftpd.org/docs/NEWS-1.3.3c
10
reference_url http://www.securityfocus.com/bid/44562
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/44562
11
reference_url http://www.vupen.com/english/advisories/2010/2941
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/2941
12
reference_url http://www.vupen.com/english/advisories/2010/2959
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/2959
13
reference_url http://www.vupen.com/english/advisories/2010/2962
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2010/2962
14
reference_url http://www.zerodayinitiative.com/advisories/ZDI-10-229/
reference_id
reference_type
scores
url http://www.zerodayinitiative.com/advisories/ZDI-10-229/
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602279
reference_id 602279
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602279
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:a:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.2:a:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:a:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:b:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.2:b:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:b:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:c:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.2:c:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:c:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:d:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.2:d:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:d:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:e:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.2:e:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:e:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.2:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:rc3:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.2:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.2:rc4:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:a:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.3:a:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:a:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:b:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.3:b:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:b:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.3:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:rc1:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.3:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:rc2:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.3:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:rc3:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:rc4:*:*:*:*:*:*
reference_id cpe:2.3:a:proftpd:proftpd:1.3.3:rc4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd:proftpd:1.3.3:rc4:*:*:*:*:*:*
31
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/15449.pl
reference_id CVE-2010-4221
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/15449.pl
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-4221
reference_id CVE-2010-4221
reference_type
scores
0
value 10.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
url https://nvd.nist.gov/vuln/detail/CVE-2010-4221
33
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16851.rb
reference_id CVE-2010-4221;OSVDB-68985
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16851.rb
34
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16878.rb
reference_id CVE-2010-4221;OSVDB-68985
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16878.rb
35
reference_url https://security.gentoo.org/glsa/201309-15
reference_id GLSA-201309-15
reference_type
scores
url https://security.gentoo.org/glsa/201309-15
Weaknesses
0
cwe_id 119
name Improper Restriction of Operations within the Bounds of a Memory Buffer
description The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
Exploits
0
date_added 2010-11-07
description ProFTPd IAC 1.3.x - Remote Command Execution
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2010-11-07
exploit_type remote
platform linux
source_date_updated 2016-12-04
data_source Exploit-DB
source_url
1
date_added null
description 
This module exploits a stack-based buffer overflow in versions of ProFTPD
          server between versions 1.3.2rc3 and 1.3.3b. By sending data containing a
          large number of Telnet IAC commands, an attacker can corrupt memory and
          execute arbitrary code.

          The Debian Squeeze version of the exploit uses a little ROP stub to indirectly
          transfer the flow of execution to a pool buffer (the cmd_rec "res" in
          "pr_cmd_read").

          The Ubuntu version uses a ROP stager to mmap RWX memory, copy a small stub
          to it, and execute the stub. The stub then copies the remainder of the payload
          in and executes it.

          NOTE: Most Linux distributions either do not ship a vulnerable version of
          ProFTPD, or they ship a version compiled with stack smashing protection.

          Although SSP significantly reduces the probability of a single attempt
          succeeding, it will not prevent exploitation. Since the daemon forks in a
          default configuration, the cookie value will remain the same despite
          some attempts failing. By making repeated requests, an attacker can eventually
          guess the cookie value and exploit the vulnerability.

          The cookie in Ubuntu has 24-bits of entropy. This reduces the effectiveness
          and could allow exploitation in semi-reasonable amount of time.
required_action null
due_date null
notes 
Stability:
  - crash-service-down
SideEffects:
  - ioc-in-logs
Reliability:
  - unreliable-session
known_ransomware_campaign_use false
source_date_published 2010-11-01
exploit_type null
platform Linux
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/linux/ftp/proftp_telnet_iac.rb
Severity_range_score10.0 - 10.0
Exploitability2.0
Weighted_severity9.0
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-y3j2-e8hq-w3em