CVE-2011-3171
published 2011-11-04CVE-2011-3171: Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating…
PriorityP420low3.6CVSS 2.0
AVLACLAuNCNIPAP
EXPLOIT
EPSS
0.58%
43.6th percentile
Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors.
Affected
56 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| pureftpd | pure-ftpd | <= 1.0.22 | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
| pureftpd | pure-ftpd | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Pure-FTPd ≤ 1.0.22 - Directory Traversal
nuclei·CVSS 3.6
CVE-2011-3171 [LOW] Pure-FTPd ≤ 1.0.22 - Directory Traversal
Pure-FTPd ≤ 1.0.22 - Directory Traversal
Pure-FTPd versions ≤ 1.0.22 (and earlier) contain a directory traversal vulnerability when the "Netware OES remote server" feature is enabled. This allows local users to overwrite arbitrary files on the system, potentially leading to unauthorized file modification or system compromise.
Template:
id: CVE-2011-3171
info:
name: Pure-FTPd ≤ 1.0.22 - Directory Traversal
author: pussycat0x
severity: low
description: |
Pure-FTPd versions ≤ 1.0.22 (and earlier) contain a directory traversal vulnerability when the "Netware OES remote server" feature is enabled. This allows local users to overwrite arbitrary files on the system, potentially leading to unauthorized file modification or system compromise.
impact: |
Local users can exploit directory traversa
No writeups or analysis indexed.
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00015.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-09/msg00016.htmlhttp://www.securityfocus.com/bid/49541https://exchange.xforce.ibmcloud.com/vulnerabilities/69686http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00015.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-09/msg00016.htmlhttp://www.securityfocus.com/bid/49541https://exchange.xforce.ibmcloud.com/vulnerabilities/69686
2011-11-04
Published