CVE-2011-3171

Name of the Vulnerable Software and Affected Versions pure-FTPd version 1.0.22 pure-FTPd (affected versions not specified, possibly other versions)

Description The issue allows local users to overwrite arbitrary files via unknown vectors when the Netware OES remote server feature is enabled. This can lead to a breach of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be performed locally.

Recommendations For pure-FTPd version 1.0.22, consider disabling the Netware OES remote server feature until a patch is available. For other possibly affected versions of pure-FTPd, at the moment, there is no information about a newer version that contains a fix for this vulnerability.