Directory Traversal Vulnerabilities in ProFTPD by The ProFTPD Project
CVE-2010-3867

Currently unrated

Key Information:

Vendor

Proftpd

Status
Proftpd
Vendor
CVE Published:
9 November 2010

What is CVE-2010-3867?

The ProFTPD software, specifically in the mod_site_misc module, has several directory traversal vulnerabilities. These flaws allow remote authenticated users to execute potentially damaging actions such as creating or deleting directories, establishing symbolic links, and altering file timestamps. This is achieved through crafted directory traversal sequences in commands like SITE MKDIR, SITE RMDIR, SITE SYMLINK, or SITE UTIME, leading to possible system compromises.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.proftpd.org/docs/NEWS-1.3.3c
x_refsource_CONFIRM
http://secunia.com/advisories/42047
third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2011/dsa-2191
vendor-advisoryx_refsource_DEBIAN

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.