rpm package
suse/proftpd&distro=SUSE Linux Enterprise Module for Server Applications 15 SP6
pkg:rpm/suse/proftpd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-57392 | High | 7.5 | | < 1.3.8b-150600.13.6.1 | 1.3.8b-150600.13.6.1 | Feb 6, 2025 | Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remote attacker to execute arbitrary code and can cause a Denial of Service (DoS) on the FTP service by sending a maliciously crafted message to the ProFTPD service port. |
| CVE-2024-48651 | High | 7.5 | | < 1.3.8b-150600.13.6.1 | 1.3.8b-150600.13.6.1 | Nov 29, 2024 | In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental groups from mod_sql. |