CVE-2011-1137

ProFTPD < 1.3.3d - Denial of Service via Malformed SSH Message

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-1137. PoCs published by kingcope.

AI-analyzed exploit summary: This exploit targets an integer overflow vulnerability in ProFTPD's mod_sftp module. It sends a malformed SSH protocol banner to trigger a segmentation fault, potentially leading to a denial-of-service (DoS) condition.

Description

Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.

Exploits (1)

exploitdb WORKING POC
by kingcope · text · dos · linux
https://www.exploit-db.com/exploits/16129

Classification: Working PoC (90%)
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: ProFTPD with mod_sftp (version not specified)
No auth needed
Prerequisites: Network access to the ProFTPD service on port 21
devstral-2 · analyzed Feb 16, 2026

References (17)

Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/16129/
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43978
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0857
Exploit, Patch x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=681718
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/46183
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2185
Various Sources x_refsource_confirm
http://bugs.proftpd.org/show_bug.cgi?id=3587
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0617
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058344.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43234
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058356.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43635

Scores

EPSS 0.2807
EPSS Percentile 97.9%

Details

CWE: CWE-189
Status: published
Products (14)
proftpd/proftpd 1.2.0 (6 CPE variants)
proftpd/proftpd 1.2.1
proftpd/proftpd 1.2.2 (4 CPE variants)
proftpd/proftpd 1.2.3
proftpd/proftpd 1.2.4
proftpd/proftpd 1.2.5 (4 CPE variants)
proftpd/proftpd 1.2.6 (3 CPE variants)
proftpd/proftpd 1.2.7 (4 CPE variants)
proftpd/proftpd 1.2.8 (3 CPE variants)
proftpd/proftpd 1.2.9 (4 CPE variants)
... and 4 more
Published Mar 11, 2011
Tracked Since Feb 18, 2026