Oracle Solaris Third-Party Patch Update : proftpd (cve_2012_6095_race_conditions)

The remote Solaris system is missing necessary patches to address security updates : - ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the 1 MKD or 2 XMKD commands. CVE-2012-609...

Fedora Update for proftpd FEDORA-2013-16810

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for proftpd FEDORA-2013-0437

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for proftpd FEDORA-2013-0468

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2012-6095

ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the 1 MKD or 2 XMKD commands...

CVE-2012-6095

CVE-2012-6095 affects ProFTPD prior to 1.3.5rc1. When using the UserOwner directive, a race condition with a symlink attack on the MKD or XMKD commands lets a local user modify ownership of arbitrary files. The vulnerability arises from insecure handling of temporary files during directory creati...