Описание
ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:proftpd_project:proftpd:1.2:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2.0_rc3:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2.2_rc1:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2.2_rc2:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre1:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre2:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre3:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre4:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre5:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre6:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre7:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre8:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre9:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre10:*:*:*:*:*:*:*
cpe:2.3:a:proftpd_project:proftpd:1.2_pre11:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01085
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 23 лет назад
ProFTPD 1.2.2rc2, and possibly other versions, does not properly verif ...
github
больше 3 лет назад
ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.
EPSS
Процентиль: 77%
0.01085
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other