CVE-2019-12815
- Source
- https://cve.org/CVERecord?id=CVE-2019-12815
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-12815.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-12815
- Downstream
- Related
- Published
- 2019-07-19T23:15:11.030Z
- Modified
- 2026-04-02T00:38:01.154326Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00004.html
- http://seclists.org/fulldisclosure/2024/Aug/35
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XM5FPBAGSIKV6YJZEPM6GPGJO5JFT7XU/
- http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OJDQ3XUYWO42TJBO53NUWDZRA35QMVEI/
- https://security.gentoo.org/glsa/201908-16
- https://lists.debian.org/debian-lts-announce/2019/08/msg00006.html
- https://www.debian.org/security/2019/dsa-4491
- http://www.securityfocus.com/bid/109339
- https://seclists.org/bugtraq/2019/Aug/3
- https://cert-portal.siemens.com/productcert/pdf/ssa-940889.pdf
- https://tbspace.de/cve201912815proftpd.html
- http://bugs.proftpd.org/show_bug.cgi?id=4372
- https://github.com/proftpd/proftpd/pull/816
Affected packages
Git / github.com/proftpd/proftpd
Affected versions
v1.*
v1.3.5a
v1.3.5b
v1.3.5c
v1.3.5d
v1.3.5e
v1.3.6
v1.3.6a
v1.3.6b
v1.3.6c
v1.3.6d
v1.3.6e
v1.3.6rc1
v1.3.6rc2
v1.3.6rc3
v1.3.6rc4
v1.3.7
v1.3.7a
v1.3.7b
v1.3.7c
v1.3.7d
v1.3.7e
v1.3.7f
v1.3.7rc1
v1.3.7rc2
v1.3.7rc3
v1.3.7rc4
v1.3.8
v1.3.8a
v1.3.8b
v1.3.8c
v1.3.8d
v1.3.8rc1
v1.3.8rc2
v1.3.8rc3
v1.3.8rc4
v1.3.9
v1.3.9rc1
v1.3.9rc2
v1.3.9rc3
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-12815.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "29"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "30"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "10.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "8.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "10.0"
}
]
},
{
"events": [
{
"introduced": "2.0"
},
{
"fixed": "2.2"
}
]
}
]