CVE-2010-3867
Published: 2010-11-09
Priority: P3 39 · Severity: high · CVSS 2.0 base score: 7.1 (AV:N/AC:H/Au:S/C:C/I:C/A:C)
EXPLOIT
EPSS: 7.50% (93.7th percentile)
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | proftpd-dfsg | < proftpd-dfsg 1.3.3a-4 (bookworm) | proftpd-dfsg 1.3.3a-4 (bookworm) |
| proftpd | proftpd | — | — |
| proftpd | proftpd | — | — |
| proftpd | proftpd | — | — |
| proftpd | proftpd | — | — |
| proftpd | proftpd | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.1 | HIGH | AV:N/AC:H/Au:S/C:C/I:C/A:C |
| osv | — | 7.1 | HIGH | — |
| vendor_debian | — | 7.1 | HIGH | — |
GHSA
GHSA-3p58-8w88-7f88 (ghsa_unreviewed · 2022-05-17 · CVE-2010-3867 · HIGH · CWE-22)
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
OSV
CVE-2010-3867 (osv · 2010-11-09 · HIGH · CVSS 7.1)
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
Debian
CVE-2010-3867: proftpd-dfsg (vendor_debian · 2010 · HIGH · CVSS 7.1)
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
Scope: local
bookworm: resolved (fixed in 1.3.3a-4)
bullseye: resolved (fixed in 1.3.3a-4)
forky: resolved (fixed in 1.3.3a-4)
sid: resolved (fixed in 1.3.3a-4)
trixie: resolved (fixed in 1.3.3a-4)
No detection rules found.
Exploit-DB
CVE-2009-3867: Sun Java JRE - getSoundbank 'file://' URI Buffer Overflow (Metasploit) (exploitdb · 2010-09-20)
Note that this entry is indexed under CVE-2009-3867, a different vulnerability in the Sun Java JRE; it is not an exploit for the ProFTPD issue tracked on this page.
```ruby
##
# $Id: java_getsoundbank_bof.rb 10394 2010-09-20 08:06:27Z jduck $
##

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##

require 'msf/core'

class Metasploit3 'Sun Java JRE getSoundbank file:// URI Buffer Overflow',
	'Description' => %q{
		This module exploits a flaw in the getSoundbank function in the Sun JVM.
		The payload is serialized and passed to the applet via PARAM tags. It must be
		a native payload.

		The effected Java versions are JDK and JRE 6 Update 16 and earlier,
		JDK and JRE 5.0 Update 21 and earli
```
Nuclei
ProFTPD < 1.3.3c - Directory Traversal via mod_site_misc (nuclei · CVE-2010-3867 · HIGH · CVSS 7.1)
ProFTPD versions before 1.3.3c contain directory traversal vulnerabilities in the mod_site_misc module. The vulnerability allows attackers to traverse directories and potentially overwrite arbitrary files on the system through crafted input to commands like SITE MKDIR and other SITE commands.
Template:
```yaml
id: CVE-2010-3867

info:
  name: ProFTPD < 1.3.3c - Directory Traversal via mod_site_misc
  author: pussycat0x
  severity: high
  description: |
    ProFTPD versions before 1.3.3c contain directory traversal vulnerabilities in the mod_site_misc module. The vulnerability allows attackers to traverse directories and potentially overwrite arbitrary files on the system through crafted input to commands like SITE MKDIR and other SITE commands.
  impac
```
Bugzilla
CVE-2010-4221 CVE-2010-3867 proftpd various flaws [fedora-all] (bugzilla · 2010-11-09 · HIGH · CVSS 7.1)
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=651607
Please note: this issue affects multiple supported v
Bugzilla
CVE-2010-3867 proftpd: multiple directory traversal vulnerabilities (bugzilla · 2010-11-09 · HIGH · CVSS 7.1)
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-3867 to
the following vulnerability:
Name: CVE-2010-3867
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3867
Assigned: 20101008
Reference: MLIST:[oss-security] 20101101 Re: Proftpd pre-authentication buffer overflow in Telnet code
Reference: URL: http://www.openwall.com/lists/oss-security/2010/11/01/4
Reference: CONFIRM: http://bugs.proftpd.org/show_bug.cgi?id=3519
Reference: CONFIRM: http://www.proftpd.org/docs/NEWS-1.3.3c
Reference: BID:44562
Reference: URL: http://www.securityfocus.com/bid/44562
Reference: SECUNIA:42052
Reference: URL: http://secunia.com/advisories/42052
Multiple directory traversal vulnerabilities in the mod_site_misc
arXiv
Talos: Neutralizing Vulnerabilities with Security Workarounds for Rapid Response (arxiv_fulltext · 2017-11-02)
Zhen Huang, Mariana D'Angelo, Dhaval Miyani, David Lie
University of Toronto
{z.huang, mariana.dangelo, dhaval.miyani}@mail.utoronto.ca, [email protected]
## Abstract
There is often a considerable delay between the discovery of a vulnerability and the issue of a patch. One way to mitigate this window of vulnerability is to use a configuration workaround, which prevents the vulnerable code from being executed at the cost of some lost functionality -- but only if one is available. Since application configurations are not specifically designed to mitigate software vulnerabilities, we find that they only cover 25.2% of vulnerabilities.
To minimize patch delay vulnerabilities and address the lim
References
- http://bugs.proftpd.org/show_bug.cgi?id=3519
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050687.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050703.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050726.html
- http://secunia.com/advisories/42047
- http://secunia.com/advisories/42052
- http://secunia.com/advisories/42217
- http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.498209
- http://www.debian.org/security/2011/dsa-2191
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:227
- http://www.openwall.com/lists/oss-security/2010/11/01/4
- http://www.proftpd.org/docs/NEWS-1.3.3c
- http://www.securityfocus.com/bid/44562
- http://www.vupen.com/english/advisories/2010/2853
- http://www.vupen.com/english/advisories/2010/2941
- http://www.vupen.com/english/advisories/2010/2959
- http://www.vupen.com/english/advisories/2010/2962