1.3.3 이전 버전의 해당 취약점 요약

Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.


1.3.3c 변경점
-------------

+ Fixed Telnet IAC stack overflow vulnerability (ZDI-CAN-925)
+ Fixed directory traversal bug in mod_site_misc
+ Fixed SQLite authentications using "SQLAuthType Backend"






관련 링크 :
http://proftpd.org/docs/RELEASE_NOTES-1.3.3c
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3867

'News' 카테고리의 다른 글

Samba 3.4.11 release  (0) 2011.01.25
ProFTPD 1.3.4rc1, 1.3.3d release  (0) 2010.12.26
ProFTPD 1.3.3c Release  (0) 2010.12.02
ModSecurity 2.5.13 release  (0) 2010.12.01
XE 1.4.4.2 배포  (0) 2010.12.01
Rootkit Hunter release 1.3.8  (0) 2010.11.17

+ Recent posts