CVE-2013-4359

EPSS 1.4%

proftpd-dfsg - denial of service

Published: 9/30/2013Modified: 4/28/2026

Also known as:DEBIAN-CVE-2013-4359

Description

Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation.

Affected packages (2)

Debian/proftpd-dfsgfrom 0, < 1.3.5~rc3-2.1
Debian/proftpd-dfsgfrom 0, < 1.3.3a-6squeeze7

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4359