CVE-2010-4652

NONE
Published Feb 2, 201115y ago · Modified Jun 16, 20262w ago
Find Similar
Published Feb 2, 2011 15y ago
Last Modified Jun 16, 2026 2w ago

Description

Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query.

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 64

VendorProductVersionRange
proftpdproftpd* ≤1.3.3
proftpdproftpd1.2.0any
proftpdproftpd1.2.0any
proftpdproftpd1.2.0any
proftpdproftpd1.2.0any
proftpdproftpd1.2.0any
proftpdproftpd1.2.0any
proftpdproftpd1.2.1any
proftpdproftpd1.2.2any
proftpdproftpd1.2.2any
proftpdproftpd1.2.2any
proftpdproftpd1.2.2any
proftpdproftpd1.2.3any
proftpdproftpd1.2.4any
proftpdproftpd1.2.5any
proftpdproftpd1.2.5any
proftpdproftpd1.2.5any
proftpdproftpd1.2.5any
proftpdproftpd1.2.6any
proftpdproftpd1.2.6any
proftpdproftpd1.2.6any
proftpdproftpd1.2.7any
proftpdproftpd1.2.7any
proftpdproftpd1.2.7any
proftpdproftpd1.2.7any
proftpdproftpd1.2.8any
proftpdproftpd1.2.8any
proftpdproftpd1.2.8any
proftpdproftpd1.2.9any
proftpdproftpd1.2.9any
proftpdproftpd1.2.9any
proftpdproftpd1.2.9any
proftpdproftpd1.2.10any
proftpdproftpd1.2.10any
proftpdproftpd1.2.10any
proftpdproftpd1.2.10any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.0any
proftpdproftpd1.3.1any
proftpdproftpd1.3.1any
proftpdproftpd1.3.1any
proftpdproftpd1.3.1any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.2any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any
proftpdproftpd1.3.3any

References 11

  • bugs.proftpd.org http://bugs.proftpd.org/show_bug.cgi?id=3536
    ExploitPatch
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053537.html
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053540.html
  • phrack.org http://phrack.org/issues.html?issue=67&id=7#article
  • proftpd.org http://proftpd.org/docs/RELEASE_NOTES-1.3.3d
  • debian.org http://www.debian.org/security/2011/dsa-2191
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2011:023
  • securityfocus.com http://www.securityfocus.com/bid/44933
  • vupen.com http://www.vupen.com/english/advisories/2011/0248
    Vendor Advisory
  • vupen.com http://www.vupen.com/english/advisories/2011/0331
  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=670170
    ExploitPatch

Remediation