First published: Thu Feb 20 2020
ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Proftpd Proftpd | <1.3.6c | |
Siemens Simatic Net Cp 1543-1 Firmware | <3.0 | |
Siemens Simatic Net Cp 1543-1 | | |
Siemens Simatic Net Cp 1545-1 Firmware | | |
Siemens Simatic Net Cp 1545-1 | | |
openSUSE Backports SLE | =15.0 | |
openSUSE Backports SLE | =15.0-sp1 | |
openSUSE Leap | =15.1 | |
CVE-2020-9272 is a vulnerability in ProFTPD 1.3.7 that allows for an out-of-bounds (OOB) read via the cap_text.c cap_to_text function.
ProFTPD 1.3.7 is affected by CVE-2020-9272.
CVE-2020-9272 has a severity rating of high (7.5).
To mitigate CVE-2020-9272, update to a version higher than 1.3.7.
More information about CVE-2020-9272 can be found in the following references:
[1] http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00002.html
[2] https://cert-portal.siemens.com/productcert/pdf/ssa-679335.pdf
[3] https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES