OpenCVE

Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Pureftpd	Pure-ftpd
Suse	Linux Enterprise Desktop Linux Enterprise Server

Configuration 1 [-]

AND

OR	cpe:2.3:a:pureftpd:pure-ftpd::::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.90:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.91:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.92:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.93:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.94:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.95:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.95:pre1::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.95:pre2::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.95:pre3::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.95:pre4::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.95.1:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.95.2:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.96:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.96:pre1::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.96.1:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.97:pre1::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.97:pre2::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.97:pre3::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.97:pre4::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.97:pre5::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.97-final:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.97.1:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.97.2:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.97.3:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.97.4:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.97.5:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.97.6:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.97.7:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.97.7:pre1::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.97.7:pre2::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.97.7:pre3::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.98:final::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.98:pre1::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.98:pre2::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.98.1:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.98.2:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.98.2:a::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.98.3:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.98.4:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.98.5:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.98.6:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.98.7:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.99:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.99:a::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.99:b::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.99:pre1::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.99:pre2::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.99.1:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.99.1:a::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.99.1:b::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.99.2:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.99.2:a::::::
	cpe:2.3:a:pureftpd:pure-ftpd:0.99.3:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.99.4:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:0.99.9:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:1.0.0:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:1.0.1:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:1.0.2:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:1.0.3:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:1.0.4:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:1.0.5:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:1.0.6:::::::*
	cpe:2.3:a:pureftpd:pure-ftpd:1.0.7:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.8:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.9:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.10:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.11:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.12:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.13:a::::::
cpe:2.3:a:pureftpd:pure-ftpd:1.0.14:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.15:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.16:a::::::
cpe:2.3:a:pureftpd:pure-ftpd:1.0.16:b::::::
cpe:2.3:a:pureftpd:pure-ftpd:1.0.16:c::::::
cpe:2.3:a:pureftpd:pure-ftpd:1.0.17:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.17:a::::::
cpe:2.3:a:pureftpd:pure-ftpd:1.0.18:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.19:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.20:::::::*
cpe:2.3:a:pureftpd:pure-ftpd:1.0.21:::::::*

OR	cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1::::::
	cpe:2.3:o:suse:linux_enterprise_server:10:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:10:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp1::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp1:vmware:::::*

No data.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00016.html
http://www.securityfocus.com/bid/49541
https://exchange.xforce.ibmcloud.com/vulnerabilities/69686

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-11-04T21:00:00

Updated: 2024-08-06T23:22:27.748Z

Reserved: 2011-08-19T00:00:00

Link: CVE-2011-3171

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-11-04T21:55:02.550

Modified: 2024-11-21T01:29:53.840

Link: CVE-2011-3171

Redhat

No data.

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object