Download
| Alert*
MDVSA-2013:053 -- Mandriva proftpd
A vulnerability has been found and corrected in proftpd: ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the MKD or XMKD commands . The updated packages have been patched to correct thies issue.
|