CVE-2010-3867
Published: 9 November 2010
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
Priority
Status
Package | Release | Status |
---|---|---|
proftpd Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
upstream |
Released
(1.3.3c)
|
|
Patches: upstream: http://bugs.proftpd.org/attachment.cgi?id=3432 |
||
proftpd-dfsg Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Released
(1.3.2c-1ubuntu0.1)
|
|
maverick |
Released
(1.3.2e-4ubuntu0.1)
|
|
natty |
Not vulnerable
(1.3.3a-4)
|
|
oneiric |
Not vulnerable
(1.3.3a-4)
|
|
upstream |
Released
(1.3.3c)
|
|
Patches: upstream: http://bugs.proftpd.org/attachment.cgi?id=3432 |