CVE-2019-18217

High

ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long…

mitre·CWE-835·Published 2019-10-21

CVSS

7.5

EPSS

0.20

KEV

Exploits

cve.orgen

206 chars

ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.

NVDen

206 chars

NVDes

272 chars

ProFTPD versiones anteriores a 1.3.6b y versiones 1.3.7rc anteriores a 1.3.7rc2, permite una denegación de servicio remota no autenticada debido al manejo incorrecto de comandos demasiado largos porque el archivo main.c en un proceso secundario entra en un bucle infinito.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H