Several vulnerabilities were discovered in ProFTPD, an FTP server: ProFTPD incorrectly uses data from an unencrypted input buffer after encryption has been enabled with STARTTLS, an issue similar to CVE-2011-0411. CVE-2011-4130 ProFTPD uses a response pool after freeing it under exceptional conditions, possibly leading to remote code execution