CVE-2008-7265
proftpd-dfsg - several
EPSS 0.33%
Description
The pr_data_xfer function in ProFTPD before 1.3.2rc3 allows remote authenticated users to cause a denial of service (CPU consumption) via an ABOR command during a data transfer.
How to fix CVE-2008-7265
To remediate CVE-2008-7265, upgrade the affected package to a fixed version below.
- Debian/proftpd-dfsg—upgrade to 1.3.2-1 or later
- Debian/proftpd-dfsg—upgrade to 1.3.1-17lenny6 or later
Is CVE-2008-7265 being exploited?
Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1.3.2-1
- from 0, < 1.3.1-17lenny6