CVE-2021-47865

CVE-2021-47865

Name

CVE-2021-47865

Description

ProFTPD 1.3.7a contains a denial of service vulnerability that allows attackers to overwhelm the server by creating multiple simultaneous FTP connections. Attackers can repeatedly establish connections using threading to exhaust server connection limits and block legitimate user access.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
product	http://www.proftpd.org/
product	https://github.com/proftpd/proftpd
exploit	https://www.exploit-db.com/exploits/49697
third-party-advisory	https://www.vulncheck.com/advisories/proftpd-a-remote-denial-of-service
issue-tracking	https://github.com/proftpd/proftpd/issues/1298

Type

URI

product

http://www.proftpd.org/

product

https://github.com/proftpd/proftpd

exploit

https://www.exploit-db.com/exploits/49697

third-party-advisory

https://www.vulncheck.com/advisories/proftpd-a-remote-denial-of-service

issue-tracking

https://github.com/proftpd/proftpd/issues/1298

CPE URI	Source package	Min version	Max version
	proftpd	== 1.3.7a	== None

CPE URI

Source package

Min version

Max version

proftpd

== 1.3.7a

== None

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
proftpd	edge-community	1.3.9b-r1	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	edge-community	1.3.9b-r0	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	edge-community	1.3.9a-r2	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	edge-community	1.3.9-r2	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	edge-community	1.3.9-r1	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	edge-community	1.3.9-r0	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	edge-community	1.3.8c-r0	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	edge-community	1.3.8b-r2	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	edge-community	1.3.8b-r0	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	3.23-community	1.3.9b-r0	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	3.23-community	1.3.9a-r1	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable
proftpd	3.23-community	1.3.9-r1	Simon Frankenberger <simon-alpine@fraho.eu>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

proftpd

edge-community

1.3.9b-r1

Simon Frankenberger <simon-alpine@fraho.eu>

possibly vulnerable

proftpd

edge-community