ProFTPD Telnet IAC buffer overflow

Added: 01/21/2011
CVE: CVE-2010-4221
BID: 44562
OSVDB: 68985


ProFTPD is free FTP Server software for Unix and Linux platforms.


A buffer overflow vulnerability in ProFTPD allows remote attackers to execute arbitrary commands by sending a TELNET_IAC escape sequence to the FTP service.


Upgrade to ProFTPD 1.3.3c or higher.



Exploit works on ProFTPD 1.3.2c-1 on Ubuntu 10.04 LTS.

Note that because a security cookie exists on the stack and the security cookie stays the same for spawned child processes, this exploit brute-forces the security cookie and may take an excessively long time to find the right one. Therefore, this exploit is unlikely to succeed before it times out. To improve the odds of success, modify the timeout setting in the exploit plug-in, and allow it to run individually for several days.


Linux / Ubuntu

Back to exploit index