CVE-2010-3867

Source
https://nvd.nist.gov/vuln/detail/CVE-2010-3867
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2010-3867.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2010-3867
Related
Published
2010-11-09T21:00:04Z
Modified
2024-11-18T05:01:16Z
Summary
[none]
Details

Multiple directory traversal vulnerabilities in the modsitemisc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.

References

Affected packages

Debian:11 / proftpd-dfsg

Package

Name
proftpd-dfsg
Purl
pkg:deb/debian/proftpd-dfsg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.3a-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / proftpd-dfsg

Package

Name
proftpd-dfsg
Purl
pkg:deb/debian/proftpd-dfsg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.3a-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / proftpd-dfsg

Package

Name
proftpd-dfsg
Purl
pkg:deb/debian/proftpd-dfsg?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.3a-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}