CVE-2011-4130
NONE EPSS 95.8%
Published Dec 6, 201114y ago · Modified Jun 16, 20262w ago
Published Dec 6, 2011 14y ago
Last Modified Jun 16, 2026 2w ago
Description
Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.
Threat Intelligence
EPSS Exploit Probability
95.8% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-399
Affected Products 62
| Vendor | Product | Version | Range |
|---|---|---|---|
| proftpd | proftpd | * | ≤1.3.3 |
| proftpd | proftpd | 1.2.0 | any |
| proftpd | proftpd | 1.2.0 | any |
| proftpd | proftpd | 1.2.0 | any |
| proftpd | proftpd | 1.2.0 | any |
| proftpd | proftpd | 1.2.0 | any |
| proftpd | proftpd | 1.2.0 | any |
| proftpd | proftpd | 1.2.1 | any |
| proftpd | proftpd | 1.2.2 | any |
| proftpd | proftpd | 1.2.2 | any |
| proftpd | proftpd | 1.2.2 | any |
| proftpd | proftpd | 1.2.2 | any |
| proftpd | proftpd | 1.2.3 | any |
| proftpd | proftpd | 1.2.4 | any |
| proftpd | proftpd | 1.2.5 | any |
| proftpd | proftpd | 1.2.5 | any |
| proftpd | proftpd | 1.2.5 | any |
| proftpd | proftpd | 1.2.5 | any |
| proftpd | proftpd | 1.2.6 | any |
| proftpd | proftpd | 1.2.6 | any |
| proftpd | proftpd | 1.2.6 | any |
| proftpd | proftpd | 1.2.7 | any |
| proftpd | proftpd | 1.2.7 | any |
| proftpd | proftpd | 1.2.7 | any |
| proftpd | proftpd | 1.2.7 | any |
| proftpd | proftpd | 1.2.8 | any |
| proftpd | proftpd | 1.2.8 | any |
| proftpd | proftpd | 1.2.8 | any |
| proftpd | proftpd | 1.2.9 | any |
| proftpd | proftpd | 1.2.9 | any |
| proftpd | proftpd | 1.2.9 | any |
| proftpd | proftpd | 1.2.9 | any |
| proftpd | proftpd | 1.2.10 | any |
| proftpd | proftpd | 1.2.10 | any |
| proftpd | proftpd | 1.2.10 | any |
| proftpd | proftpd | 1.2.10 | any |
| proftpd | proftpd | 1.3.0 | any |
| proftpd | proftpd | 1.3.0 | any |
| proftpd | proftpd | 1.3.0 | any |
| proftpd | proftpd | 1.3.0 | any |
| proftpd | proftpd | 1.3.0 | any |
| proftpd | proftpd | 1.3.0 | any |
| proftpd | proftpd | 1.3.0 | any |
| proftpd | proftpd | 1.3.1 | any |
| proftpd | proftpd | 1.3.1 | any |
| proftpd | proftpd | 1.3.1 | any |
| proftpd | proftpd | 1.3.1 | any |
| proftpd | proftpd | 1.3.2 | any |
| proftpd | proftpd | 1.3.2 | any |
| proftpd | proftpd | 1.3.2 | any |
| proftpd | proftpd | 1.3.2 | any |
| proftpd | proftpd | 1.3.2 | any |
| proftpd | proftpd | 1.3.3 | any |
| proftpd | proftpd | 1.3.3 | any |
| proftpd | proftpd | 1.3.3 | any |
| proftpd | proftpd | 1.3.3 | any |
| proftpd | proftpd | 1.3.3 | any |
| proftpd | proftpd | 1.3.3 | any |
| proftpd | proftpd | 1.3.3 | any |
| proftpd | proftpd | 1.3.3 | any |
| proftpd | proftpd | 1.3.3 | any |
| proftpd | proftpd | 1.3.3 | any |
References 4
- bugs.proftpd.org http://bugs.proftpd.org/show_bug.cgi?id=3711
- proftpd.org http://www.proftpd.org/docs/NEWS-1.3.3g
- securityfocus.com http://www.securityfocus.com/bid/50631
- zerodayinitiative.com http://www.zerodayinitiative.com/advisories/ZDI-11-328/
Remediation
- bugs.proftpd.org http://bugs.proftpd.org/show_bug.cgi?id=3711