Search for vulnerabilities
Vulnerability details: VCID-k6w3-tm9n-aaaf
Vulnerability ID VCID-k6w3-tm9n-aaaf
Aliases CVE-2007-2165
Summary The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as demonstrated by use of SQLAuthTypes Plaintext in mod_sql, with data retrieved from /etc/passwd.
Status Published
Exploitability 2.0
Weighted Severity 4.6
Risk 9.2
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.0135 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.01537 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.02012 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.02012 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.02012 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.02012 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.02012 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.02012 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.02012 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.02012 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.02012 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.084 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.52981 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.52981 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.56040 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.56040 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.86935 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.86935 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.86935 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.86935 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.86935 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.86935 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.86935 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.86935 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.86935 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
epss 0.86935 https://api.first.org/data/v1/epss?cve=CVE-2007-2165
cvssv2 5.1 https://nvd.nist.gov/vuln/detail/CVE-2007-2165
Reference id Reference type URL
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=419255
http://bugs.proftpd.org/show_bug.cgi?id=2922
http://osvdb.org/34602
https://api.first.org/data/v1/epss?cve=CVE-2007-2165
https://bugzilla.redhat.com/show_bug.cgi?id=237533
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2165
http://secunia.com/advisories/24867
http://secunia.com/advisories/25724
http://secunia.com/advisories/27516
http://securitytracker.com/id?1017931
https://exchange.xforce.ibmcloud.com/vulnerabilities/33733
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00065.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:130
http://www.securityfocus.com/bid/23546
http://www.vupen.com/english/advisories/2007/1444
cpe:2.3:a:proftpd_project:proftpd:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:proftpd_project:proftpd:*:*:*:*:*:*:*:*
CVE-2007-2165 https://nvd.nist.gov/vuln/detail/CVE-2007-2165
No exploits are available.
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2007-2165
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.78315
EPSS Score 0.0135
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.