CVE-2005-4816

Description

Buffer overflow in mod_radius in ProFTPD before 1.3.0rc2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.

How to fix CVE-2005-4816

To remediate CVE-2005-4816, upgrade the affected package to a fixed version below.

• Debian/proftpd—upgrade to 1.2.10-15sarge4 or later
• Debian/proftpd-dfsg—upgrade to 1.2.10+1.3.0rc5-1 or later

Is CVE-2005-4816 being exploited?

Low — EPSS is 2.8%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

• from 0, < 1.2.10-15sarge4
• from 0, < 1.2.10+1.3.0rc5-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2005-4816