Описание
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.3.4a-3 |
| esm-apps/xenial | not-affected | 1.3.4a-3 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [1.3.4a-3]] |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| oneiric | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | not-affected | 1.3.4a-3 |
Показывать по
Ссылки на источники
EPSS
1.2 Low
CVSS2
Связанные уязвимости
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows lo ...
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.
Уязвимости операционной системы Debian GNU/Linux, позволяющие локальному злоумышленнику нарушить целостность защищаемой информации
EPSS
1.2 Low
CVSS2