CVE-2006-6170
EPSS 14.4%
Description
Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815.
How to fix CVE-2006-6170
To remediate CVE-2006-6170, upgrade the affected package to a fixed version below.
- Debian/proftpd-dfsg—upgrade to 1.3.0-16 or later
Is CVE-2006-6170 being exploited?
Moderate — EPSS is 14.4%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1.3.0-16