ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
Loading...
Loading...
Score 7.5 from GitHub Security Advisory (severity: HIGH) published 2022-05-24. NVD baseline CVSS 7.5; sources differ by 0.0.
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
October 21, 2019
November 21, 2024
MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
Every time one of our enrichment pipelines (NVD, MITRE cvelistV5, EPSS, CISA KEV, GHSA, OSV, vendor advisories) ran against this CVE. Most recent first.
Working exploit code is in the public domain. Defenders should treat patch urgency accordingly — public PoCs typically lead to mass-exploitation within 24-72 hours.
ProFTPD < 1.3.6b - Remote Unauthenticated DoS
Open source ↗See which npm, PyPI, Go, and Maven packages are affected by CVE-2019-18217
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.