OpenPKG Security Advisory OpenPKG-SA-2006.035 – As undisclosed by an exploit (vd_proftpd.pm) and a related vendor bugfix, a Denial of Service (DoS) vulnerability exists in the FTP server ProFTPD, up to and including version 1.3.0. The flaw is due to both a potential bus error and a definitive buffer overflow in the code which determines the FTP command buffer size limit. The vulnerability can be exploited only if the “CommandBufferSize” directive is explicitly used in the server configuration — which is not the case in OpenPKG’s default configuration of ProFTPD.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/52294/OpenPKG-SA-2006-035.txt
Source: https://packetstormsecurity.com/files/52294/OpenPKG-SA-2006-035.txt.html