CVE-2011-0988

2011-04-18T17:55:00
ID CVE-2011-0988
Type cve
Reporter cve@mitre.org
Modified 2017-08-17T01:33:00

Description

pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors.