Executive Summary



This alert is flagged as a TOP 25 Common Weakness Enumeration entry from CWE/SANS.
Information
Name: CVE-2010-3867
First vendor Publication: 2010-11-09
Vendor: Cve
Last vendor Modification: 2011-09-15

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA
 

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:S/C:C/I:C/A:C)
Cvss Base Score: 7.1
Attack Range: Network
Cvss Impact Score: 10
Attack Complexity: High
Cvss Exploit Score: 3.9
Authentication: Requires single instance

Detail

Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3867

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type Description Count
Application 32

OpenVAS Exploits

Date Description
2011-11-21 Name : Fedora Update for proftpd FEDORA-2011-15741
File : nvt/gb_fedora_2011_15741_proftpd_fc14.nasl
2011-05-12 Name : Debian Security Advisory DSA 2191-1 (proftpd-dfsg)
File : nvt/deb_2191_1.nasl
2011-04-21 Name : Fedora Update for proftpd FEDORA-2011-5033
File : nvt/gb_fedora_2011_5033_proftpd_fc13.nasl
2011-04-21 Name : Fedora Update for proftpd FEDORA-2011-5040
File : nvt/gb_fedora_2011_5040_proftpd_fc14.nasl
2011-01-31 Name : Fedora Update for proftpd FEDORA-2011-0610
File : nvt/gb_fedora_2011_0610_proftpd_fc14.nasl
2011-01-31 Name : Fedora Update for proftpd FEDORA-2011-0613
File : nvt/gb_fedora_2011_0613_proftpd_fc13.nasl
2010-12-02 Name : Fedora Update for proftpd FEDORA-2010-17091
File : nvt/gb_fedora_2010_17091_proftpd_fc14.nasl
2010-11-30 Name : ProFTPD Multiple Remote Vulnerabilities
File : nvt/gb_proftpd_mult_vuln.nasl
2010-11-16 Name : Fedora Update for proftpd FEDORA-2010-17098
File : nvt/gb_fedora_2010_17098_proftpd_fc13.nasl
2010-11-16 Name : Fedora Update for proftpd FEDORA-2010-17220
File : nvt/gb_fedora_2010_17220_proftpd_fc12.nasl
2010-11-16 Name : Mandriva Update for proftpd MDVSA-2010:227 (proftpd)
File : nvt/gb_mandriva_MDVSA_2010_227.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-305-03 proftpd
File : nvt/esoft_slk_ssa_2010_305_03.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
68988 ProFTPD mod_site_misc Module Multiple Command Traversal Arbitrary File Manipu...

ProFTPD contains a flaw that allows a remote, authenticated attacker to traverse outside of a restricted path. The issue is due to the 'mod_site_misc' module not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'SITE MKDIR', 'SITE RMDIR', 'SITE SYMLINK' or 'SITE UTIME' commands. This directory traversal attack would allow the attacker to create and delete directories, create symlinks and modify timestamps.

Snort® IPS/IDS

Date Description
2014-01-10 ProFTPD mod_site_misc module directory traversal attempt
RuleID : 18326 - Revision : 7 - Type : PROTOCOL-FTP

Nessus® Vulnerability Scanner

Date Description
2013-09-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201309-15.nasl - Type : ACT_GATHER_INFO
2011-03-15 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2191.nasl - Type : ACT_GATHER_INFO
2010-11-12 Name : The remote Fedora host is missing a security update.
File : fedora_2010-17220.nasl - Type : ACT_GATHER_INFO
2010-11-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-227.nasl - Type : ACT_GATHER_INFO
2010-11-11 Name : The remote Fedora host is missing a security update.
File : fedora_2010-17091.nasl - Type : ACT_GATHER_INFO
2010-11-11 Name : The remote Fedora host is missing a security update.
File : fedora_2010-17098.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote FTP server is affected by multiple vulnerabilities.
File : proftpd_1_3_3c.nasl - Type : ACT_GATHER_INFO
2010-11-02 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-305-03.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/44562
CONFIRM http://bugs.proftpd.org/show_bug.cgi?id=3519
http://www.proftpd.org/docs/NEWS-1.3.3c
DEBIAN http://www.debian.org/security/2011/dsa-2191
FEDORA http://lists.fedoraproject.org/pipermail/package-announce/2010-November/05068...
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/05070...
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/05072...
MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2010:227
MLIST http://www.openwall.com/lists/oss-security/2010/11/01/4
SECUNIA http://secunia.com/advisories/42047
http://secunia.com/advisories/42052
http://secunia.com/advisories/42217
SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2010&...
VUPEN http://www.vupen.com/english/advisories/2010/2853
http://www.vupen.com/english/advisories/2010/2941
http://www.vupen.com/english/advisories/2010/2959
http://www.vupen.com/english/advisories/2010/2962

Alert History

Date Information
2020-05-23 00:26:43
  • Multiple Updates
2016-04-26 20:10:15
  • Multiple Updates
2014-02-17 10:58:09
  • Multiple Updates
2014-01-19 21:27:12
  • Multiple Updates
2013-05-10 23:35:07
  • Multiple Updates