{"id":"CVE-2011-1137","details":"Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.","modified":"2026-01-27T04:10:41.619433Z","published":"2011-03-11T17:55:03Z","withdrawn":"2026-01-27T04:10:41.619433Z","related":["openSUSE-SU-2024:10048-1"],"references":[{"type":"ADVISORY","url":"http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/contrib/mod_sftp/packet.c?r1=1.14.2.2&r2=1.14.2.3"},{"type":"ADVISORY","url":"http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/contrib/mod_sftp/packet.h?r1=1.3&r2=1.3.2.1"},{"type":"ADVISORY","url":"http://secunia.com/advisories/43234"},{"type":"ADVISORY","url":"http://secunia.com/advisories/43635"},{"type":"ADVISORY","url":"http://secunia.com/advisories/43978"},{"type":"ADVISORY","url":"http://www.debian.org/security/2011/dsa-2185"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0617"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2011/0857"},{"type":"EVIDENCE","url":"http://www.exploit-db.com/exploits/16129/"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/46183"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=681718"},{"type":"FIX","url":"http://bugs.proftpd.org/show_bug.cgi?id=3586"},{"type":"FIX","url":"http://proftp.cvs.sourceforge.net/viewvc/proftp/proftpd/contrib/mod_sftp/mod_sftp.c?r1=1.29.2.1&r2=1.29.2.2"},{"type":"WEB","url":"http://bugs.proftpd.org/show_bug.cgi?id=3587"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058344.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058356.html"},{"type":"WEB","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.485806"}],"schema_version":"1.7.3"}