CVE-2005-2390

Publication date 27 July 2005

Last updated 17 July 2025

Ubuntu priority

Description

Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via (1) certain inputs to the shutdown message from ftpshut, or (2) the SQLShowInfo mod_sql directive.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
proftpd	7.10 gutsy	Not in release
	7.04 feisty	Not in release
	6.10 edgy	Fixed 1.3.0-9ubuntu0.1
	6.06 LTS dapper	Fixed 1.2.10-27ubuntu3.1
proftpd-dfsg	7.10 gutsy	Fixed 1.3.0-21ubuntu1
	7.04 feisty	Fixed 1.3.0-21ubuntu1
	6.10 edgy	Not in release
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2005-2390