Vulnerability Details : CVE-2010-3867
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.
Vulnerability category: Directory traversal
Threat overview for CVE-2010-3867
- Top countries where our scanners detected CVE-2010-3867 (map not reproduced in text)
- Top open port discovered on systems with this issue: 21
- IPs affected by CVE-2010-3867: 131,442
- Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2010-3867
- Probability of exploitation activity in the next 30 days: 0.57%
- Percentile (the proportion of vulnerabilities scored at or below this one): ~75%
CVSS scores for CVE-2010-3867
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source
---|---|---|---|---|---
7.1 | HIGH | AV:N/AC:H/Au:S/C:C/I:C/A:C | 3.9 | 10.0 | NIST
CWE ids for CVE-2010-3867
- The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. (Assigned by: nvd@nist.gov, Primary)
References for CVE-2010-3867
- [SECURITY] Fedora 13 Update: proftpd-1.3.3c-1.fc13 (http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050703.html)
- [SECURITY] Fedora 12 Update: proftpd-1.3.3c-1.fc12 (http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050726.html)
- The Slackware Linux Project: Slackware Security Advisories (http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.498209)
- Mandriva advisory MDVSA-2010:227 (http://www.mandriva.com/security/advisories?name=MDVSA-2010:227)
- VUPEN advisory 2010/2853 (http://www.vupen.com/english/advisories/2010/2853)
- [SECURITY] Fedora 14 Update: proftpd-1.3.3c-1.fc14 (http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050687.html)
- Debian -- Security Information -- DSA-2191-1 proftpd-dfsg (http://www.debian.org/security/2011/dsa-2191)
- ProFTPD NEWS for 1.3.3c (http://www.proftpd.org/docs/NEWS-1.3.3c)
- VUPEN advisory 2010/2941 (http://www.vupen.com/english/advisories/2010/2941)
- ProFTPD Multiple Remote Vulnerabilities, SecurityFocus BID 44562 (http://www.securityfocus.com/bid/44562)
- oss-security - Re: Proftpd pre-authentication buffer overflow in Telnet code (http://www.openwall.com/lists/oss-security/2010/11/01/4)
- Bug 3519 – Inappropriate directory traversal allowed by mod_site_misc (http://bugs.proftpd.org/show_bug.cgi?id=3519)
- VUPEN advisory 2010/2962 (http://www.vupen.com/english/advisories/2010/2962)
- VUPEN advisory 2010/2959 (http://www.vupen.com/english/advisories/2010/2959)
Products affected by CVE-2010-3867
- cpe:2.3:a:proftpd:proftpd:1.3.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.2.10:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.1:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:a:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.2.10:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.2.10:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.1:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.1:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc1:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:rc4:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:c:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:a:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:a:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:b:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc4:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:rc3:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:rc2:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:d:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.2:e:*:*:*:*:*:*
- cpe:2.3:a:proftpd:proftpd:1.3.3:b:*:*:*:*:*:*