CVE-2015-3306

Public Exploit

Description

The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.

Link	Tags
http://www.rapid7.com/db/modules/exploit/unix/ftp/proftpd_modcopy_exec
https://www.exploit-db.com/exploits/36803/	exploit
http://packetstormsecurity.com/files/131555/ProFTPd-1.3.5-Remote-Command-Execution.html
http://www.debian.org/security/2015/dsa-3263	vendor advisory
http://packetstormsecurity.com/files/131567/ProFTPd-CPFR-CPTO-Proof-Of-Concept.html
http://packetstormsecurity.com/files/132218/ProFTPD-1.3.5-Mod_Copy-Command-Execution.html
http://lists.opensuse.org/opensuse-updates/2015-06/msg00020.html	vendor advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157053.html	vendor advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157054.html	vendor advisory
http://www.securityfocus.com/bid/74238	vdb entry
https://www.exploit-db.com/exploits/36742/	exploit
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157581.html	vendor advisory
http://packetstormsecurity.com/files/131505/ProFTPd-1.3.5-File-Copy.html
http://packetstormsecurity.com/files/162777/ProFTPd-1.3.5-Remote-Command-Execution.html

What is the severity of CVE-2015-3306?: CVE-2015-3306 has been scored as a critical severity vulnerability.
How to fix CVE-2015-3306?: To fix CVE-2015-3306, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2015-3306 being actively exploited in the wild?: It is possible that CVE-2015-3306 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~94% probability that this vulnerability will be exploited by malicious actors in the next 30 days.