Vulnerability CVE-2013-4359: Information
Description
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation.
Severity: MEDIUM (5.0)
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
proftpd | sisyphus | 1.3.5-alt2.gita31d0ab | 1.3.8-alt0.2.ga3489a6c8 | ALT-PU-2015-1457-1 | 144569 | Fixed |
proftpd | p10 | 1.3.5-alt2.gita31d0ab | 1.3.6-alt0.4.ga73dbfe3b | ALT-PU-2015-1457-1 | 144569 | Fixed |
proftpd | p9 | 1.3.5-alt2.gita31d0ab | 1.3.6-alt0.4.ga73dbfe3b | ALT-PU-2015-1457-1 | 144569 | Fixed |
proftpd | c10f1 | 1.3.5-alt2.gita31d0ab | 1.3.6-alt0.4.ga73dbfe3b | ALT-PU-2015-1457-1 | 144569 | Fixed |
proftpd | c9f2 | 1.3.5-alt2.gita31d0ab | 1.3.8-alt0.2.ga3489a6c8 | ALT-PU-2015-1457-1 | 144569 | Fixed |
proftpd | p11 | 1.3.5-alt2.gita31d0ab | 1.3.8-alt0.2.ga3489a6c8 | ALT-PU-2015-1457-1 | 144569 | Fixed |