CVE-2006-6563 - OpenCVE

Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:S/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Proftpd Project	Proftpd

Configuration 1 [-]

OR	cpe:2.3:a:proftpd_project:proftpd:1.3.0:::::::*
	cpe:2.3:a:proftpd_project:proftpd:1.3.0a:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/23371
http://secunia.com/advisories/23392
http://secunia.com/advisories/23473
http://secunia.com/advisories/24163
http://security.gentoo.org/glsa/glsa-200702-02.xml
http://www.coresecurity.com/?module=ContentMod&action=item&id=1594
http://www.mandriva.com/security/advisories?name=MDKSA-2006:232
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.039.html
http://www.proftpd.org/docs/NEWS-1.3.1rc1
http://www.securityfocus.com/archive/1/454320/100/0/threaded
http://www.securityfocus.com/archive/1/460648/100/0/threaded
http://www.securityfocus.com/archive/1/460756/100/0/threaded
http://www.securityfocus.com/bid/21587
http://www.trustix.org/errata/2006/0074/
http://www.vupen.com/english/advisories/2006/4998
https://exchange.xforce.ibmcloud.com/vulnerabilities/30906
https://www.exploit-db.com/exploits/3330

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-12-15T11:00:00

Updated: 2024-08-07T20:33:59.205Z

Reserved: 2006-12-14T00:00:00

Link: CVE-2006-6563

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-12-15T11:28:00.000

Modified: 2018-10-17T21:49:10.317

Link: CVE-2006-6563

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-12-13T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "21587", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21587"}, {"name": "MDKSA-2006:232", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:232"}, {"name": "20061213 CORE-2006-1127: ProFTPD Controls Buffer Overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/454320/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.proftpd.org/docs/NEWS-1.3.1rc1"}, {"tags": ["x_refsource_MISC"], "url": "http://www.coresecurity.com/?module=ContentMod&action=item&id=1594"}, {"name": "20070219 ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/460648/100/0/threaded"}, {"name": "OpenPKG-SA-2006.039", "tags": ["vendor-advisory", "x_refsource_OPENPKG"], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.039.html"}, {"name": "3330", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/3330"}, {"name": "24163", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24163"}, {"name": "23473", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23473"}, {"name": "GLSA-200702-02", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200702-02.xml"}, {"name": "23371", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23371"}, {"name": "ADV-2006-4998", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4998"}, {"name": "23392", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23392"}, {"name": "20070221 Re: ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/460756/100/0/threaded"}, {"name": "proftpd-controls-bo(30906)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30906"}, {"name": "2006-0074", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2006/0074/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6563", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "21587", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21587"}, {"name": "MDKSA-2006:232", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:232"}, {"name": "20061213 CORE-2006-1127: ProFTPD Controls Buffer Overflow", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/454320/100/0/threaded"}, {"name": "http://www.proftpd.org/docs/NEWS-1.3.1rc1", "refsource": "CONFIRM", "url": "http://www.proftpd.org/docs/NEWS-1.3.1rc1"}, {"name": "http://www.coresecurity.com/?module=ContentMod&action=item&id=1594", "refsource": "MISC", "url": "http://www.coresecurity.com/?module=ContentMod&action=item&id=1594"}, {"name": "20070219 ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/460648/100/0/threaded"}, {"name": "OpenPKG-SA-2006.039", "refsource": "OPENPKG", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.039.html"}, {"name": "3330", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/3330"}, {"name": "24163", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24163"}, {"name": "23473", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23473"}, {"name": "GLSA-200702-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200702-02.xml"}, {"name": "23371", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23371"}, {"name": "ADV-2006-4998", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4998"}, {"name": "23392", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23392"}, {"name": "20070221 Re: ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/460756/100/0/threaded"}, {"name": "proftpd-controls-bo(30906)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30906"}, {"name": "2006-0074", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2006/0074/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:33:59.205Z"}, "title": "CVE Program Container", "references": [{"name": "21587", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21587"}, {"name": "MDKSA-2006:232", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:232"}, {"name": "20061213 CORE-2006-1127: ProFTPD Controls Buffer Overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/454320/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.proftpd.org/docs/NEWS-1.3.1rc1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.coresecurity.com/?module=ContentMod&action=item&id=1594"}, {"name": "20070219 ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/460648/100/0/threaded"}, {"name": "OpenPKG-SA-2006.039", "tags": ["vendor-advisory", "x_refsource_OPENPKG", "x_transferred"], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.039.html"}, {"name": "3330", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/3330"}, {"name": "24163", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24163"}, {"name": "23473", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23473"}, {"name": "GLSA-200702-02", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200702-02.xml"}, {"name": "23371", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23371"}, {"name": "ADV-2006-4998", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4998"}, {"name": "23392", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23392"}, {"name": "20070221 Re: ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/460756/100/0/threaded"}, {"name": "proftpd-controls-bo(30906)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30906"}, {"name": "2006-0074", "tags": ["vendor-advisory", "x_refsource_TRUSTIX", "x_transferred"], "url": "http://www.trustix.org/errata/2006/0074/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6563", "datePublished": "2006-12-15T11:00:00", "dateReserved": "2006-12-14T00:00:00", "dateUpdated": "2024-08-07T20:33:59.205Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:proftpd_project:proftpd:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "0145065F-44D0-4E1F-AA2B-1A1B2550E2AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:proftpd_project:proftpd:1.3.0a:*:*:*:*:*:*:*", "matchCriteriaId": "73C76602-73FC-4273-9A46-E4B1DDAA5A23", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n pr_ctrls_recv_request en ctrls.c en el m\u00f3dulo mod_ctrls en ProFTPD anterior a 1.3.1rc1 permite a un usuario local ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s del valor de longitud reqarglen."}], "evaluatorSolution": "This vulnerability is addressed in the following product update:\r\nProFTPD Project, ProFTPD, 1.3.1rc1", "id": "CVE-2006-6563", "lastModified": "2018-10-17T21:49:10.317", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 2.7, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-12-15T11:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/23371"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23392"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/23473"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24163"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200702-02.xml"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.coresecurity.com/?module=ContentMod&action=item&id=1594"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:232"}, {"source": "cve@mitre.org", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.039.html"}, {"source": "cve@mitre.org", "url": "http://www.proftpd.org/docs/NEWS-1.3.1rc1"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/454320/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/460648/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/460756/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://www.securityfocus.com/bid/21587"}, {"source": "cve@mitre.org", "url": "http://www.trustix.org/errata/2006/0074/"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4998"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30906"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/3330"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}