CVE - CVE-2006-6170

CVE-ID
CVE-2006-6170	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:21326 URL:http://www.securityfocus.com/bid/21326 BUGTRAQ:20061121 Re: [ MDKSA-2006:217 ] - Updated proftpd packages fix vulnerabilities URL:http://www.securityfocus.com/archive/1/452228/100/100/threaded BUGTRAQ:20061128 ProFTPD mod_tls pre-authentication buffer overflow URL:http://www.securityfocus.com/archive/1/452872/100/0/threaded BUGTRAQ:20061129 Re: ProFTPD mod_tls pre-authentication buffer overflow URL:http://www.securityfocus.com/archive/1/452993/100/100/threaded CONFIRM:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820 DEBIAN:DSA-1222 URL:http://www.debian.org/security/2006/dsa-1222 FULLDISC:20061128 ProFTPD mod_tls pre-authentication buffer overflow URL:http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050935.html GENTOO:GLSA-200611-26 URL:http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml MANDRIVA:MDKSA-2006:217-1 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1~~ (Obsolete source) MISC:http://elegerov.blogspot.com/2006/10/do-you-remember-2-years-old-overflow.html SECUNIA:23141 URL:http://secunia.com/advisories/23141 SECUNIA:23174 URL:http://secunia.com/advisories/23174 SECUNIA:23179 URL:http://secunia.com/advisories/23179 SECUNIA:23184 URL:http://secunia.com/advisories/23184 SECUNIA:23207 URL:http://secunia.com/advisories/23207 SLACKWARE:SSA:2006-335-02 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491 TRUSTIX:2006-0066 URL:~~http://www.trustix.org/errata/2006/0066~~ (Obsolete source - check if archived by the Wayback Machine) VUPEN:ADV-2006-4745 URL:~~http://www.vupen.com/english/advisories/2006/4745~~ (Obsolete source) XF:proftpd-modtls-bo(30554) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/30554
Assigning CNA
MITRE Corporation
Date Record Created
20061130	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20061130)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)