{"id":"CVE-2010-3867","details":"Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command.","modified":"2026-01-27T04:10:28.963695Z","published":"2010-11-09T21:00:04Z","withdrawn":"2026-01-27T04:10:28.963695Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/42047"},{"type":"ADVISORY","url":"http://secunia.com/advisories/42052"},{"type":"ADVISORY","url":"http://secunia.com/advisories/42217"},{"type":"ADVISORY","url":"http://www.debian.org/security/2011/dsa-2191"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:227"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2010/2853"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2010/2941"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2010/2959"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2010/2962"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/44562"},{"type":"WEB","url":"http://bugs.proftpd.org/show_bug.cgi?id=3519"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050687.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050703.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050726.html"},{"type":"WEB","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.498209"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2010/11/01/4"},{"type":"WEB","url":"http://www.proftpd.org/docs/NEWS-1.3.3c"}],"schema_version":"1.7.3"}