Candidate: CVE-2011-1137
PublicDate: 2011-03-11 17:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1137
Description:
 Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and
 earlier allows remote attackers to cause a denial of service (memory
 consumption leading to OOM kill) via a malformed SSH message.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_proftpd-dfsg:
 upstream: http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/contrib/mod_sftp/mod_sftp.c?r1=1.29.2.1&r2=1.29.2.2
 upstream: http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/contrib/mod_sftp/packet.h?r1=1.3&r2=1.3.2.1
 upstream: http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/contrib/mod_sftp/packet.c?r1=1.14.2.2&r2=1.14.2.3
upstream_proftpd-dfsg: needs-triage
dapper_proftpd-dfsg: DNE
hardy_proftpd-dfsg: ignored (reached end-of-life)
karmic_proftpd-dfsg: ignored (reached end-of-life)
lucid_proftpd-dfsg: not-affected (code not present)
maverick_proftpd-dfsg: not-affected (code not present)
natty_proftpd-dfsg: not-affected (1.3.3d-4)
oneiric_proftpd-dfsg: not-affected (1.3.3d-4)
devel_proftpd-dfsg: not-affected (1.3.3d-4)