Unrated severityNVD Advisory· Published Nov 30, 2006· Updated Apr 23, 2026

CVE-2006-6170

Description

Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815.

Affected products

Proftpd/Proftpd
cpe:2.3:a:proftpd_project:proftpd:*:*:*:*:*:*:*:*
Range: <=1.3.0a

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

elegerov.blogspot.com/2006/10/do-you-remember-2-years-old-overflow.htmlnvdExploitVendor Advisory
lists.grok.org.uk/pipermail/full-disclosure/2006-November/050935.htmlnvdExploitVendor Advisory
secunia.com/advisories/23141nvdVendor Advisory
bugzilla.redhat.com/bugzilla/show_bug.cginvdVendor Advisory
secunia.com/advisories/23174nvd
secunia.com/advisories/23179nvd
secunia.com/advisories/23184nvd
secunia.com/advisories/23207nvd
slackware.com/security/viewer.phpnvd
www.debian.org/security/2006/dsa-1222nvd
www.gentoo.org/security/en/glsa/glsa-200611-26.xmlnvd
www.mandriva.com/security/advisoriesnvd
www.securityfocus.com/archive/1/452228/100/100/threadednvd
www.securityfocus.com/archive/1/452872/100/0/threadednvd
www.securityfocus.com/archive/1/452993/100/100/threadednvd
www.securityfocus.com/bid/21326nvd
www.trustix.org/errata/2006/0066nvd
www.vupen.com/english/advisories/2006/4745nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30554nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.012
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000