What is CVE-2011-1575?

CVE-2011-1575 is a vulnerability in Pureftpd Pure-ftpd, classified under CWE-399. Published 2011-05-23.

Is CVE-2011-1575 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Pureftpd Pure-ftpd

CVE-2011-1575

The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP sessions by sending a cleartext command that is…

EPSS: 0.222 (95.9th percentile) — read the EPSS interpretation.

Affected products

Pureftpd Pure-ftpd — versions 0.90, 0.91, 0.92
N/a — versions n/a

Weakness classification (CWE)

CWE-399

Public proof-of-concept exploits

References

[oss-security] 20110411 Re: pure-ftpd STARTTLS command injection / new CVE? (mailing-list, x_refsource_MLIST)
SUSE-SR:2011:009 (vendor-advisory, x_refsource_SUSE)
secalert@redhat.com (x_refsource_CONFIRM)
[pure-ftpd] 20110308 Pure-FTPd 1.0.30 has been released (mailing-list, x_refsource_MLIST)
[opensuse-updates] 20110512 openSUSE-SU-2011:0483-1 (moderate): New pure-ftpd version fix STARTTLS issues (CVE-2011-1575). (mailing-list, x_refsource_MLIST)
43988 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
[oss-security] 20110411 Re: pure-ftpd STARTTLS command injection / new CVE? (mailing-list, x_refsource_MLIST)
44548 (x_refsource_SECUNIA, third-party-advisory)
[oss-security] 20110411 Re: pure-ftpd STARTTLS command injection / new CVE? (mailing-list, x_refsource_MLIST)
[oss-security] 20110411 pure-ftpd STARTTLS command injection / new CVE? (mailing-list, x_refsource_MLIST)

Frequently asked questions

What is CVE-2011-1575?: CVE-2011-1575 is a vulnerability in Pureftpd Pure-ftpd, classified under CWE-399. Published 2011-05-23.
Is CVE-2011-1575 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.