Vulnerability Details : CVE-2010-4221
Public exploit exists!
Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.
Vulnerability category: OverflowExecute code
Threat overview for CVE-2010-4221
Top countries where our scanners detected CVE-2010-4221
Top open port discovered on systems with this issue
21
IPs affected by CVE-2010-4221 32,405
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2010-4221!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2010-4221
Probability of exploitation activity in the next 30 days: 96.41%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2010-4221
-
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (Linux)
Disclosure Date: 2010-11-01First seen: 2020-04-26exploit/linux/ftp/proftp_telnet_iacThis module exploits a stack-based buffer overflow in versions of ProFTPD server between versions 1.3.2rc3 and 1.3.3b. By sending data containing a large number of Telnet IAC commands, an attacker can corrupt memory and execute arbitrary code. The Debian S -
ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (FreeBSD)
Disclosure Date: 2010-11-01First seen: 2020-04-26exploit/freebsd/ftp/proftp_telnet_iacThis module exploits a stack-based buffer overflow in versions of ProFTPD server between versions 1.3.2rc3 and 1.3.3b. By sending data containing a large number of Telnet IAC commands, an attacker can corrupt memory and execute arbitrary code. Authors: - j
CVSS scores for CVE-2010-4221
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2010-4221
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-4221
-
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050703.html
[SECURITY] Fedora 13 Update: proftpd-1.3.3c-1.fc13
-
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050726.html
[SECURITY] Fedora 12 Update: proftpd-1.3.3c-1.fc12
-
http://www.mandriva.com/security/advisories?name=MDVSA-2010:227
mandriva.com
-
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050687.html
[SECURITY] Fedora 14 Update: proftpd-1.3.3c-1.fc14
-
http://www.proftpd.org/docs/NEWS-1.3.3c
404 Not Found
-
http://www.vupen.com/english/advisories/2010/2941
Webmail | OVH- OVH
-
http://www.securityfocus.com/bid/44562
ProFTPD Multiple Remote VulnerabilitiesExploit
-
http://bugs.proftpd.org/show_bug.cgi?id=3521
Bug 3521 – Telnet IAC processing stack overflowExploit
-
http://www.zerodayinitiative.com/advisories/ZDI-10-229/
ZDI-10-229 | Zero Day Initiative
-
http://www.vupen.com/english/advisories/2010/2962
Webmail | OVH- OVH
-
http://www.vupen.com/english/advisories/2010/2959
Webmail | OVH- OVH
Products affected by CVE-2010-4221
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:rc4:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:c:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:a:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:a:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:b:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc4:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:d:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:e:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:b:*:*:*:*:*:*