An off-by-two heap overflow exists in ProFTPD 1.2.7 to 1.2.9rc1 and 1.2.7p to 1.2.9rc1p. This bug can only be exploited if there is a writable directory on the FTP server. This module uses two different techniques in order to exploit the bug, depending on the glibc version (new glibc versions use a modified malloc implementation). Once the bug has been exploited, full root capabilities are regained (chroot can therefore be broken thanks to the appropriate module).
CVE Link
Exploit Platform
Product Name