Access Control Bypass in ProFTPD by The ProFTPD Project
CVE-2004-0432

Currently unrated

Key Information:

Vendor

Proftpd Project

Status
Proftpd
Vendor
CVE Published:
18 August 2004

What is CVE-2004-0432?

The ProFTPD 1.2.9 version incorrectly processes the Allow and Deny directives associated with CIDR-based Access Control Lists (ACLs). This misconfiguration leads to a scenario where FTP clients may circumvent the established restrictions, effectively granting them unauthorized access to files and services that should otherwise be protected. This vulnerability emphasizes the importance of strict access control configurations in FTP servers to safeguard sensitive data from potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/10252
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/16038
vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=108335051011341&w=2
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.