Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2010-3867

Published: 9 November 2010

Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.

Priority

Medium

Status

Package Release Status
proftpd
Launchpad, Ubuntu, Debian
dapper Ignored
(end of life)
hardy Does not exist

karmic Does not exist

lucid Does not exist

maverick Does not exist

natty Does not exist

oneiric Does not exist

upstream
Released (1.3.3c)
Patches:
upstream: http://bugs.proftpd.org/attachment.cgi?id=3432

proftpd-dfsg
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Ignored
(end of life)
karmic Ignored
(end of life)
lucid
Released (1.3.2c-1ubuntu0.1)
maverick
Released (1.3.2e-4ubuntu0.1)
natty Not vulnerable
(1.3.3a-4)
oneiric Not vulnerable
(1.3.3a-4)
upstream
Released (1.3.3c)
Patches:

upstream: http://bugs.proftpd.org/attachment.cgi?id=3432