CVE-2010-3867
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2010-3867
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2010-3867.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2010-3867
- Downstream
- Published
- 2010-11-09T21:00:04Z
- Modified
- 2025-08-09T20:01:27Z
- Summary
- [none]
- Details
-
Multiple directory traversal vulnerabilities in the modsitemisc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
- References
-
- http://secunia.com/advisories/42047
- http://secunia.com/advisories/42052
- http://secunia.com/advisories/42217
- http://www.debian.org/security/2011/dsa-2191
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:227
- http://www.vupen.com/english/advisories/2010/2853
- http://www.vupen.com/english/advisories/2010/2941
- http://www.vupen.com/english/advisories/2010/2959
- http://www.vupen.com/english/advisories/2010/2962
- http://www.securityfocus.com/bid/44562
- http://bugs.proftpd.org/show_bug.cgi?id=3519
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050687.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050703.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050726.html
- http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.498209
- http://www.openwall.com/lists/oss-security/2010/11/01/4
- http://www.proftpd.org/docs/NEWS-1.3.3c