CVE-2006-6563

Published: Dec 15, 2006Modified: Apr 23, 2026

6.6

Vector

AV:L/AC:M/Au:S/C:C/I:C/A:C

Exploitability: 2.7 / Impact: 10.0

Source: NVD

Description

Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.

Affected (2)

Products: Proftpd Project: Proftpd

Proftpd Project

1 product

Proftpd

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Proftpd Project Proftpd	Version 1.3.0
Proftpd Project Proftpd	Version 1.3.0a

References (34)

http://secunia.com/advisories/23371

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://secunia.com/advisories/23392

Source: cve@mitre.org

http://secunia.com/advisories/23473

Source: cve@mitre.org

http://secunia.com/advisories/24163

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200702-02.xml

Source: cve@mitre.org

http://www.coresecurity.com/?module=ContentMod&action=item&id=1594

Source: cve@mitre.org

ExploitPatch

http://www.mandriva.com/security/advisories?name=MDKSA-2006:232

Source: cve@mitre.org

http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.039.html

Source: cve@mitre.org

http://www.proftpd.org/docs/NEWS-1.3.1rc1

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/454320/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/460648/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/460756/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/21587

Source: cve@mitre.org

ExploitPatch

http://www.trustix.org/errata/2006/0074/

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/4998

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/30906

Source: cve@mitre.org

https://www.exploit-db.com/exploits/3330

Source: cve@mitre.org

http://secunia.com/advisories/23371