ProFTPD 1.3.5 Remote Code Execution (CVE-2015-3306)
Overview
ProFTPD 1.3.5 Remote Code Execution, tracked as CVE-2015-3306, affects the mod_copy module in ProFTPD, a widely used open-source FTP server. The vulnerability is best understood as an arbitrary file read/write issue that can lead to remote code execution in exposed environments.
Vulnerability Overview
CVE-2015-3306 exists in the mod_copy module of ProFTPD 1.3.5. The vulnerable behavior allows remote attackers to read from and write to arbitrary files through FTP copy operations exposed by the module.
The issue is dangerous because file read/write access can cross normal application boundaries. If an attacker can write to a location that is later executed or interpreted by another service, the primitive can become remote code execution rather than only unauthorized file access.
Impact
CVE-2015-3306 has a CVSS 2.0 score of 10.0 and is rated High in NVD. The score reflects network reachability, low attack complexity, no authentication requirement, and complete confidentiality, integrity, and availability impact under CVSS v2 scoring.
Successful exploitation can allow an attacker to read sensitive files, write unauthorized content, modify server-side files, stage persistence, or escalate the issue into command execution depending on the server layout and writable paths. FTP services exposed to untrusted networks are especially high risk when vulnerable ProFTPD versions are deployed with mod_copy enabled.
Vulnerability Scope
CVE-2015-3306 affects ProFTPD 1.3.5 when the vulnerable mod_copy module is available. The primary exposure is an FTP service reachable by attackers where copy commands can be used to interact with files outside the intended security boundary.
The practical impact depends on the account context, filesystem permissions, writable directories, and whether copied files can be placed into web roots, startup locations, configuration paths, or other execution-sensitive areas.
Lab Focus
This lab focuses on understanding how an arbitrary file read/write vulnerability in an FTP service can become a remote code execution risk. The goal is to practice recognizing the vulnerable component, evaluating the impact of file write primitives, and understanding why service permissions and deployment layout matter.