Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2011:1028-1
HistorySep 08, 2011 - 10:08 p.m.

Security update for pure-ftpd, pure-ftpd-debuginfo (important)

2011-09-0822:08:20
lists.opensuse.org
17

EPSS

0

Percentile

5.1%

JSON

The OES Netware add-ons in pure-ftpd had a security problem
and some bugs, which are fixed by this update.

A local attacker could overwrite local files when the OES
remote server feature of pure-ftpd is enabled due to a
directory traversal. (CVE-2011-3171)

Additionally the following bugs have been fixed:

  • bnc#699300 - FTP remote server navigation does not
    always succeed
  • bnc#685447 - pure-ftpd does not throw an error when
    the name resolution fails during remote server navigation
  • bnc#700335 - put files into NCP volumes fails
  • bnc#703035 - remote_server feature opens a
    vulnerability with directory traversal & file overwriting

Related

nessus 3
cvelist 1
nvd 1
suse 1
ubuntucve 1
prion 1
cve 1
nessus
nessus
SuSE 10 Security Update : pure-ftpd (ZYPP Patch Number 7723)
2011-10-24 00:00:00
SuSE 11.1 Security Update : pure-ftpd (SAT Patch Number 5091)
2011-12-13 00:00:00
SuSE 10 Security Update : pure-ftpd, pure-ftpd-debuginfo (ZYPP Patch Number 7724)
2011-12-13 00:00:00
cvelist
cvelist
CVE-2011-3171
2011-11-04 21:00:00
nvd
nvd
CVE-2011-3171
2011-11-04 21:55:02
suse
suse
Security update for pure-ftpd (important)
2011-09-08 23:08:14
ubuntucve
ubuntucve
CVE-2011-3171
2011-11-04 00:00:00
prion
prion
Directory traversal
2011-11-04 21:55:00
cve
cve
CVE-2011-3171
2011-11-04 21:55:02

EPSS

0

Percentile

5.1%

JSON
Related for SUSE-SU-2011:1028-1
nessus3cvelist1nvd1suse1ubuntucve1prion1cve1