Unrated severityNVD Advisory· Published May 18, 2015· Updated Jun 17, 2026
CVE-2015-3306
CVE-2015-3306
Description
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
14- www.exploit-db.com/exploits/36742/nvdExploit
- www.exploit-db.com/exploits/36803/nvdExploit
- lists.fedoraproject.org/pipermail/package-announce/2015-May/157053.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2015-May/157054.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2015-May/157581.htmlnvd
- lists.opensuse.org/opensuse-updates/2015-06/msg00020.htmlnvd
- packetstormsecurity.com/files/131505/ProFTPd-1.3.5-File-Copy.htmlnvd
- packetstormsecurity.com/files/131555/ProFTPd-1.3.5-Remote-Command-Execution.htmlnvd
- packetstormsecurity.com/files/131567/ProFTPd-CPFR-CPTO-Proof-Of-Concept.htmlnvd
- packetstormsecurity.com/files/132218/ProFTPD-1.3.5-Mod_Copy-Command-Execution.htmlnvd
- packetstormsecurity.com/files/162777/ProFTPd-1.3.5-Remote-Command-Execution.htmlnvd
- www.debian.org/security/2015/dsa-3263nvd
- www.rapid7.com/db/modules/exploit/unix/ftp/proftpd_modcopy_execnvd
- www.securityfocus.com/bid/74238nvd
News mentions
0No linked articles in our index yet.