CVE-2004-0432

Sažetak

ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.

Reference

http://bugs.proftpd.org/show_bug.cgi?id=2267
http://marc.info/?l=bugtraq&m=108335030208523&w=2
http://marc.info/?l=bugtraq&m=108335051011341&w=2
http://secunia.com/advisories/11527
http://www.mandriva.com/security/advisories?name=MDKSA-2004:041
http://www.securityfocus.com/bid/10252
https://exchange.xforce.ibmcloud.com/vulnerabilities/16038

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-07-2017 - 01:30

Objavljeno

18-08-2004 - 04:00