ProFTPD prior to 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
proftpd proftpd |
||
proftpd proftpd 1.3.4 |
||
proftpd proftpd 1.3.2 |
||
proftpd proftpd 1.3.0 |
||
proftpd proftpd 1.2.2 |
||
proftpd proftpd 1.2.8 |
||
proftpd proftpd 1.2.7 |
||
proftpd proftpd 1.2.10 |
||
proftpd proftpd 1.3.3 |
||
proftpd proftpd 1.2.5 |
||
proftpd proftpd 1.2.4 |
||
proftpd proftpd 1.2.1 |
||
proftpd proftpd 1.2.0 |
||
proftpd proftpd 1.2.9 |
||
proftpd proftpd 1.2.6 |
||
proftpd proftpd 1.3.1 |
||
proftpd proftpd 1.2.3 |