 |
|
|
|
| ProFTPD security vulnerabilities | | Published: |  | 15.11.2010 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 11255 | | Type: |  | remote | | Level: |  | 8/10 | | Description: |  | Buffer overflow on TELNET_IAC ESC-sequence parsing. Directory traversal by creating symlinks with mod_site_misc module. |
| Affected: |  | PROFTPD : ProFTPD 1.3 | | CVE: |  | CVE-2010-4221 (Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.) | | | | CVE-2010-4221 (Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.) | | | | CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.) | | | | CVE-2010-3867 (Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.) |
|
|
|
|
|
|
|
|
