- Package name
- Advisory ID
- Affected versions
- 10.0 amd64 , 10.0 i586
A portability workaround that was applied in version 1.2.9 of the ProFTPD FTP server caused CIDR based ACL entries in "Allow" and "Deny" directives to act like an "AllowAll" directive. This granted FTP clients access to files and directories that the server configuration may have been explicitly denying. This problem only exists in version 1.2.9 and has been fixed upstream. A patch has been applied to correct the problem.
1d665bfd8672682a6e7383a55b313c46 amd64/10.0/RPMS/proftpd-1.2.9-3.1.100mdk.amd64.rpm 073f7a0ba4fc179654a36ea1b11ac059 amd64/10.0/RPMS/proftpd-anonymous-1.2.9-3.1.100mdk.amd64.rpm 55c01dbc795e68adde5714b6ebef1c38 amd64/10.0/SRPMS/proftpd-1.2.9-3.1.100mdk.src.rpm
101925465015f7306e3fcf42db6c6c9b 10.0/RPMS/proftpd-1.2.9-3.1.100mdk.i586.rpm f528f42bb43e0f8cdcb8d6bb43b8c072 10.0/RPMS/proftpd-anonymous-1.2.9-3.1.100mdk.i586.rpm 55c01dbc795e68adde5714b6ebef1c38 10.0/SRPMS/proftpd-1.2.9-3.1.100mdk.src.rpm