Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
2010-11-09T21:00:04.413
2025-04-11T00:51:21.963
Deferred
CVSSv2: 7.1 (HIGH)
AV:N/AC:H/Au:S/C:C/I:C/A:C
3.9
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | proftpd | proftpd | 1.2.10 | Yes |
Application | proftpd | proftpd | 1.2.10 | Yes |
Application | proftpd | proftpd | 1.2.10 | Yes |
Application | proftpd | proftpd | 1.2.10 | Yes |
Application | proftpd | proftpd | 1.3.0 | Yes |
Application | proftpd | proftpd | 1.3.0 | Yes |
Application | proftpd | proftpd | 1.3.0 | Yes |
Application | proftpd | proftpd | 1.3.0 | Yes |
Application | proftpd | proftpd | 1.3.0 | Yes |
Application | proftpd | proftpd | 1.3.0 | Yes |
Application | proftpd | proftpd | 1.3.0 | Yes |
Application | proftpd | proftpd | 1.3.1 | Yes |
Application | proftpd | proftpd | 1.3.1 | Yes |
Application | proftpd | proftpd | 1.3.1 | Yes |
Application | proftpd | proftpd | 1.3.1 | Yes |
Application | proftpd | proftpd | 1.3.2 | Yes |
Application | proftpd | proftpd | 1.3.2 | Yes |
Application | proftpd | proftpd | 1.3.2 | Yes |
Application | proftpd | proftpd | 1.3.2 | Yes |
Application | proftpd | proftpd | 1.3.2 | Yes |
Application | proftpd | proftpd | 1.3.2 | Yes |
Application | proftpd | proftpd | 1.3.2 | Yes |
Application | proftpd | proftpd | 1.3.2 | Yes |
Application | proftpd | proftpd | 1.3.2 | Yes |
Application | proftpd | proftpd | 1.3.2 | Yes |
Application | proftpd | proftpd | 1.3.3 | Yes |
Application | proftpd | proftpd | 1.3.3 | Yes |
Application | proftpd | proftpd | 1.3.3 | Yes |
Application | proftpd | proftpd | 1.3.3 | Yes |
Application | proftpd | proftpd | 1.3.3 | Yes |
Application | proftpd | proftpd | 1.3.3 | Yes |
Application | proftpd | proftpd | 1.3.3 | Yes |