CVE-2021-47865
Unknown Unknown - Not Provided
Denial of Service in ProFTPD 1.3.7a via Connection Exhaustion

Publication date: 2026-01-21

Last updated on: 2026-01-21

Assigner: VulnCheck

Description
ProFTPD 1.3.7a contains a denial of service vulnerability that allows attackers to overwhelm the server by creating multiple simultaneous FTP connections. Attackers can repeatedly establish connections using threading to exhaust server connection limits and block legitimate user access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-21
Last Modified
2026-01-21
Generated
2026-06-16
AI Q&A
2026-01-21
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47865
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
proftpd proftpd 1.3.7a
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-770 The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in ProFTPD 1.3.7a allows an attacker to cause a denial of service by opening many simultaneous FTP connections to the server. By repeatedly establishing multiple connections using threading, the attacker can exhaust the server's connection limits, preventing legitimate users from accessing the FTP service. The attack can bypass per-IP connection limits by using multiple proxies and is automated by a script that opens many connections concurrently. [1]

Impact Analysis

The impact of this vulnerability is a denial of service condition on the ProFTPD server. Attackers can overwhelm the server by exhausting its allowed connection slots, which blocks legitimate users from connecting and using the FTP service. This can disrupt business operations that rely on FTP access and cause service unavailability. [1]

Detection Guidance

This vulnerability can be detected by monitoring the number of simultaneous FTP connections to the ProFTPD server, especially if there is an unusually high number of connections that saturate the server's connection limits. One can check if the FTP port (default 21) is open and observe connection patterns. Although no specific detection commands are provided, using network monitoring tools to track FTP connections or running scripts that test port availability and connection counts can help identify the issue. [1]

Mitigation Strategies

Immediate mitigation steps include limiting the number of simultaneous FTP connections per IP address and implementing network-level protections such as firewalls or intrusion prevention systems to detect and block excessive connection attempts. Additionally, monitoring for unusual connection patterns and using proxy detection can help prevent distributed attacks. Restarting the FTP service periodically may temporarily alleviate the issue, but patching or upgrading ProFTPD to a version without this vulnerability is recommended. [1]

Compliance Impact

This vulnerability causes a denial of service by exhausting server connection limits, which can disrupt availability of FTP services. While it does not directly compromise confidentiality or integrity of data, the resulting service unavailability could impact compliance with standards and regulations that require maintaining availability of systems and services, such as GDPR and HIPAA. However, no explicit information about compliance impact is provided in the resources. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47865. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart