PT-2001-1667 · Debian · Proftpd

Published

2001-06-27

Updated

2017-10-10

CVE-2001-0456

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Proftpd in Debian 2.2

Description The postinst installation script for Proftpd in Debian does not properly change the configuration when the user enables anonymous access. This causes the server to run at a higher privilege than intended.

Recommendations For Proftpd in Debian 2.2, manually adjust the configuration to ensure the server runs with the intended privileges after enabling anonymous access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0456

Affected Products

Proftpd

PT-2001-1667 · Debian · Proftpd

CVE-2001-0456

Related Identifiers

Affected Products

References · 3