CVE-2001-0136

Description

Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.

Affected Software
References

Software	From	Fixed in
debian / debian_linux	2.2	2.2.x
mandrakesoft / mandrake_linux	7.2	7.2.x
conectiva / linux	-	-
proftpd / proftpd	1.2.0-rc2	1.2.0-rc2.x

http://archives.neohapsis.com/archives/bugtraq/2001-01/0122.html
http://archives.neohapsis.com/archives/bugtraq/2001-01/0132.html
http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000380
http://www.debian.org/security/2001/dsa-029
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-021.php3
http://www.securityfocus.com/archive/1/152206
https://exchange.xforce.ibmcloud.com/vulnerabilities/5801

Severity: Medium

CVE: CVE-2001-0136
Published: Mar 12, 2001
Updated: Apr 13, 2023
Exploit:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-399
CWE-401

CVE-2001-0136

Description

Details

CVSS v2

CWEs