1.3.3 이전 버전의 해당 취약점 요약

Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.


1.3.3c 변경점
-------------

+ Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925)
+ Fixed directory traversal bug in mod_site_misc
+ Fixed SQLite authentications using "SQLAuthType Backend"






관련 링크 :
http://proftpd.org/docs/RELEASE_NOTES-1.3.3c
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3867

'News' 카테고리의 다른 글

Samba 3.4.11 release  (0) 2011.01.25
ProFTPD 1.3.4rc1, 1.3.3d release  (0) 2010.12.26
ModSecurity 2.5.13 release  (0) 2010.12.01
XE 1.4.4.2 배포  (0) 2010.12.01
Rootkit Hunter release 1.3.8  (0) 2010.11.17

+ Recent posts