CVE-2010-3350
CVE-2010-3350 affects bareFTP up to at least 0.3.4, where a zero-length directory name placed in LD_LIBRARY_PATH enables local privilege escalation via aTrojan-horse shared library in the CWD. Public advisories (SUSE, Fedora) reference updated packages: Fedora 0.3.7-1 (for fc13/fc14) to address t...