CVE-2006-6171

Name	CVE-2006-6171
Description	ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an error stemming from a vague initial disclosure. NOTE: ProFTPD developers dispute this issue, saying that the relevant memory location is overwritten by assignment before further use within the affected function, so this is not a vulnerability
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-1218
Debian Bugs	399070

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
proftpd-dfsg (PTS)	buster	1.3.6-4+deb10u6	fixed
	buster (security)	1.3.6-4+deb10u4	fixed
	bullseye	1.3.7a+dfsg-12+deb11u2	fixed
	bookworm	1.3.8+dfsg-4+deb12u3	fixed
	trixie	1.3.8.b+dfsg-1	fixed
	sid	1.3.8.b+dfsg-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
proftpd	source	sarge	1.2.10-15sarge2		DSA-1218
proftpd-dfsg	source	(unstable)	1.3.0-13	low		399070