CVE-2006-6563
EPSS 0.25%
Description
Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.
How to fix CVE-2006-6563
To remediate CVE-2006-6563, upgrade the affected package to a fixed version below.
- Debian/proftpd-dfsg—upgrade to 1.3.0-17 or later
Is CVE-2006-6563 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.3.0-17