CVE-2011-1137

EPSS 3.5%

proftpd-dfsg - integer overflow

Published: 3/11/2011Modified: 3/9/2026

Also known as:DSA-2185-1DEBIAN-CVE-2011-1137

Description

Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.

Affected packages (2)

Debian/proftpd-dfsgfrom 0, < 1.3.3d-4
Debian/proftpd-dfsgfrom 0, < 1.3.3a-6squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1137