CVE-2015-3306 : The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and

The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.

Published 2015-05-18 15:59:11

Updated 2021-05-26 20:15:08

Source MITRE

View at NVD, CVE.org

Vulnerability category: BypassGain privilege

Threat overview for CVE-2015-3306

Top countries where our scanners detected CVE-2015-3306

Top open port discovered on systems with this issue 21

IPs affected by CVE-2015-3306 199,042

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2015-3306!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2015-3306

Probability of exploitation activity in the next 30 days: 97.09%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2015-3306

ProFTPD 1.3.5 Mod_Copy Command Execution

Disclosure Date: 2015-04-22

First seen: 2020-04-26

exploit/unix/ftp/proftpd_modcopy_exec

This module exploits the SITE CPFR/CPTO mod_copy commands in ProFTPD version 1.3.5. Any unauthenticated client can leverage these commands to copy files from any part of the filesystem to a chosen destination. The copy commands are executed with the rights of

More information

CVSS scores for CVE-2015-3306

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2015-3306

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-3306

http://packetstormsecurity.com/files/132218/ProFTPD-1.3.5-Mod_Copy-Command-Execution.html

ProFTPD 1.3.5 Mod_Copy Command Execution ≈ Packet Storm
http://lists.opensuse.org/opensuse-updates/2015-06/msg00020.html

openSUSE-SU-2015:1031-1: moderate: Security update for proftpd

CVEs referencing this url
http://www.securityfocus.com/bid/74238

ProFTPD CVE-2015-3306 Information Disclosure Vulnerabilities
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157054.html

[SECURITY] Fedora 20 Update: proftpd-1.3.4e-3.fc20
http://www.debian.org/security/2015/dsa-3263

Debian -- Security Information -- DSA-3263-1 proftpd-dfsg
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157053.html

[SECURITY] Fedora 22 Update: proftpd-1.3.5-6.fc22
https://www.exploit-db.com/exploits/36742/

ProFTPd 1.3.5 - File Copy
Exploit
http://packetstormsecurity.com/files/131505/ProFTPd-1.3.5-File-Copy.html

ProFTPd 1.3.5 File Copy ≈ Packet Storm
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157581.html

[SECURITY] Fedora 21 Update: proftpd-1.3.5-5.fc21
https://www.exploit-db.com/exploits/36803/

ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution
Exploit
http://packetstormsecurity.com/files/131567/ProFTPd-CPFR-CPTO-Proof-Of-Concept.html

ProFTPd CPFR / CPTO Proof Of Concept ≈ Packet Storm
http://www.rapid7.com/db/modules/exploit/unix/ftp/proftpd_modcopy_exec

ProFTPD 1.3.5 Mod_Copy Command Execution
http://packetstormsecurity.com/files/162777/ProFTPd-1.3.5-Remote-Command-Execution.html

ProFTPd 1.3.5 Remote Command Execution ≈ Packet Storm
http://packetstormsecurity.com/files/131555/ProFTPd-1.3.5-Remote-Command-Execution.html

ProFTPd 1.3.5 Remote Command Execution ≈ Packet Storm

Products affected by CVE-2015-3306

Proftpd » Proftpd » Version: 1.3.5
cpe:2.3:a:proftpd:proftpd:1.3.5:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2015-3306