Stack-based buffer overflow in ProFTPD 1.3.0 and earlier

http://www.proftpd.org/

http://bugs.proftpd.org/show_bug.cgi?id=2858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815

Name: CVE-2006-5815 (under review)
Stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier allows
remote attackers to cause a denial of service, as demonstrated by vd_proftpd.pm, a "ProFTPD remote
exploit."

References

* MISC:http://gleg.net/vulndisco_meta.shtml
* CONFIRM:http://bugs.proftpd.org/show_bug.cgi?id=2858
* CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820
* DEBIAN:DSA-1222
* URL:http://www.debian.org/security/2006/dsa-1222
* MANDRIVA:MDKSA-2006:217
* URL:http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:217
* OPENPKG:OpenPKG-SA-2006.035
* URL:http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.035-proftpd.html
* TRUSTIX:2006-0066
* URL:http://www.trustix.org/errata/2006/0066/
* BID:20992
* URL:http://www.securityfocus.com/bid/20992
* FRSIRT:ADV-2006-4451
* URL:http://www.frsirt.com/english/advisories/2006/4451
* SECTRACK:1017167
* URL:http://securitytracker.com/id?1017167
* SECUNIA:22803
* URL:http://secunia.com/advisories/22803
* SECUNIA:22821
* URL:http://secunia.com/advisories/22821
* SECUNIA:23000
* URL:http://secunia.com/advisories/23000
* SECUNIA:23069
* URL:http://secunia.com/advisories/23069
* SECUNIA:23125
* URL:http://secunia.com/advisories/23125
* XF:proftpd-code-execution(30147)
* URL:http://xforce.iss.net/xforce/xfdb/30147

관련 링크: http://www.proftpd.org/