CVE-2010-3867
EPSS 0.59%
Description
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
How to fix CVE-2010-3867
To remediate CVE-2010-3867, upgrade the affected package to a fixed version below.
- Debian/proftpd-dfsg—upgrade to 1.3.3a-4 or later
Is CVE-2010-3867 being exploited?
Low — EPSS is 0.6%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.3.3a-4