UBUNTU-CVE-2019-18217
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 21 Oct 2019, 04:15
Last modified:20 May 2026, 16:03
Vulnerability Summary
Overall Risk (default)
medium
30/100 CVSS Score
7.5 HIGH
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
21 Oct 2019, 04:15
Published
Vulnerability first disclosed
20 May 2026, 16:03
Last Modified
Vulnerability information updated
Description
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
CVSS Metrics
- v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- ubuntu•proftpd-dfsg
all | all | all | all | all | all | all
References (8)
- https://ubuntu.com/security/CVE-2019-18217
- https://github.com/proftpd/proftpd/commit/13fe9462787b9a551152162f46f1641d65fe4df4
- https://github.com/proftpd/proftpd/issues/846
- https://github.com/proftpd/proftpd/blob/1.3.6/NEWS
- https://github.com/proftpd/proftpd/blob/1.3.6/RELEASE_NOTES
- https://github.com/proftpd/proftpd/blob/master/NEWS
- https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES
- https://www.cve.org/CVERecord?id=CVE-2019-18217