Launchpad CVE tracker

CVE 2010-3867

Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.

Related bugs and status

CVE-2010-3867 (Candidate) is related to these bugs:

Bug #674646: Telnet IAC processing stack overflow

Summary				In	Importance	Status
	674646	Telnet IAC processing stack overflow		proftpd-dfsg (Ubuntu)	Undecided	Fix Released

Bug #674798: Backport proftpd security fixes

Summary				In	Importance	Status
	674798	Backport proftpd security fixes		proftpd-dfsg (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.debian.org/...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://www.mandriva.co...
MISC: http://slackware.com/s...
MISC: http://www.openwall.co...
MISC: http://bugs.proftpd.or...
MISC: http://www.proftpd.org...

Launchpad.net

CVE 2010-3867

Related bugs and status

Related bugs

References