Lucene search

MitreCVE-2011-3171

HistoryNov 04, 2011 - 9:55 p.m.

CVE-2011-3171

2011-11-0421:55:02

CWE-22

mitre

web.nvd.nist.gov

cve-2011-3171

directory traversal

pure-ftpd

suse linux enterprise server

netware oes

vulnerability

nvd

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

Percentile

5.1%

JSON

Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors.

Affected configurations

Nvd

Node

pureftpdpure-ftpdRange≤1.0.22

pureftpdpure-ftpdMatch0.90

pureftpdpure-ftpdMatch0.91

pureftpdpure-ftpdMatch0.92

pureftpdpure-ftpdMatch0.93

pureftpdpure-ftpdMatch0.94

pureftpdpure-ftpdMatch0.95

pureftpdpure-ftpdMatch0.95pre1

pureftpdpure-ftpdMatch0.95pre2

pureftpdpure-ftpdMatch0.95pre3

pureftpdpure-ftpdMatch0.95pre4

pureftpdpure-ftpdMatch0.95.1

pureftpdpure-ftpdMatch0.95.2

pureftpdpure-ftpdMatch0.96

pureftpdpure-ftpdMatch0.96pre1

pureftpdpure-ftpdMatch0.96.1

pureftpdpure-ftpdMatch0.97pre1

pureftpdpure-ftpdMatch0.97pre2

pureftpdpure-ftpdMatch0.97pre3

pureftpdpure-ftpdMatch0.97pre4

pureftpdpure-ftpdMatch0.97pre5

pureftpdpure-ftpdMatch0.97-final

pureftpdpure-ftpdMatch0.97.1

pureftpdpure-ftpdMatch0.97.2

pureftpdpure-ftpdMatch0.97.3

pureftpdpure-ftpdMatch0.97.4

pureftpdpure-ftpdMatch0.97.5

pureftpdpure-ftpdMatch0.97.6

pureftpdpure-ftpdMatch0.97.7

pureftpdpure-ftpdMatch0.97.7pre1

pureftpdpure-ftpdMatch0.97.7pre2

pureftpdpure-ftpdMatch0.97.7pre3

pureftpdpure-ftpdMatch0.98final

pureftpdpure-ftpdMatch0.98pre1

pureftpdpure-ftpdMatch0.98pre2

pureftpdpure-ftpdMatch0.98.1

pureftpdpure-ftpdMatch0.98.2

pureftpdpure-ftpdMatch0.98.2a

pureftpdpure-ftpdMatch0.98.3

pureftpdpure-ftpdMatch0.98.4

pureftpdpure-ftpdMatch0.98.5

pureftpdpure-ftpdMatch0.98.6

pureftpdpure-ftpdMatch0.98.7

pureftpdpure-ftpdMatch0.99

pureftpdpure-ftpdMatch0.99a

pureftpdpure-ftpdMatch0.99b

pureftpdpure-ftpdMatch0.99pre1

pureftpdpure-ftpdMatch0.99pre2

pureftpdpure-ftpdMatch0.99.1

pureftpdpure-ftpdMatch0.99.1a

pureftpdpure-ftpdMatch0.99.1b

pureftpdpure-ftpdMatch0.99.2

pureftpdpure-ftpdMatch0.99.2a

pureftpdpure-ftpdMatch0.99.3

pureftpdpure-ftpdMatch0.99.4

pureftpdpure-ftpdMatch0.99.9

pureftpdpure-ftpdMatch1.0.0

pureftpdpure-ftpdMatch1.0.1

pureftpdpure-ftpdMatch1.0.2

pureftpdpure-ftpdMatch1.0.3

pureftpdpure-ftpdMatch1.0.4

pureftpdpure-ftpdMatch1.0.5

pureftpdpure-ftpdMatch1.0.6

pureftpdpure-ftpdMatch1.0.7

pureftpdpure-ftpdMatch1.0.8

pureftpdpure-ftpdMatch1.0.9

pureftpdpure-ftpdMatch1.0.10

pureftpdpure-ftpdMatch1.0.11

pureftpdpure-ftpdMatch1.0.12

pureftpdpure-ftpdMatch1.0.13a

pureftpdpure-ftpdMatch1.0.14

pureftpdpure-ftpdMatch1.0.15

pureftpdpure-ftpdMatch1.0.16a

pureftpdpure-ftpdMatch1.0.16b

pureftpdpure-ftpdMatch1.0.16c

pureftpdpure-ftpdMatch1.0.17

pureftpdpure-ftpdMatch1.0.17a

pureftpdpure-ftpdMatch1.0.18

pureftpdpure-ftpdMatch1.0.19

pureftpdpure-ftpdMatch1.0.20

pureftpdpure-ftpdMatch1.0.21

AND

suselinux_enterprise_desktopMatch10sp4

suselinux_enterprise_desktopMatch11sp1

suselinux_enterprise_serverMatch10sp3

suselinux_enterprise_serverMatch10sp4

suselinux_enterprise_serverMatch11sp1

suselinux_enterprise_serverMatch11sp1vmware

VendorProductVersionCPE
pureftpdpure-ftpd*cpe:2.3:a:pureftpd:pure-ftpd:*:*:*:*:*:*:*:*
pureftpdpure-ftpd0.90cpe:2.3:a:pureftpd:pure-ftpd:0.90:*:*:*:*:*:*:*
pureftpdpure-ftpd0.91cpe:2.3:a:pureftpd:pure-ftpd:0.91:*:*:*:*:*:*:*
pureftpdpure-ftpd0.92cpe:2.3:a:pureftpd:pure-ftpd:0.92:*:*:*:*:*:*:*
pureftpdpure-ftpd0.93cpe:2.3:a:pureftpd:pure-ftpd:0.93:*:*:*:*:*:*:*
pureftpdpure-ftpd0.94cpe:2.3:a:pureftpd:pure-ftpd:0.94:*:*:*:*:*:*:*
pureftpdpure-ftpd0.95cpe:2.3:a:pureftpd:pure-ftpd:0.95:*:*:*:*:*:*:*
pureftpdpure-ftpd0.95cpe:2.3:a:pureftpd:pure-ftpd:0.95:pre1:*:*:*:*:*:*
pureftpdpure-ftpd0.95cpe:2.3:a:pureftpd:pure-ftpd:0.95:pre2:*:*:*:*:*:*
pureftpdpure-ftpd0.95cpe:2.3:a:pureftpd:pure-ftpd:0.95:pre3:*:*:*:*:*:*

Vendor	Product	Version	CPE
pureftpd	pure-ftpd	*	cpe:2.3:a:pureftpd:pure-ftpd::::::::
pureftpd	pure-ftpd	0.90	cpe:2.3:a:pureftpd:pure-ftpd:0.90:::::::*
pureftpd	pure-ftpd	0.91	cpe:2.3:a:pureftpd:pure-ftpd:0.91:::::::*
pureftpd	pure-ftpd	0.92	cpe:2.3:a:pureftpd:pure-ftpd:0.92:::::::*
pureftpd	pure-ftpd	0.93	cpe:2.3:a:pureftpd:pure-ftpd:0.93:::::::*
pureftpd	pure-ftpd	0.94	cpe:2.3:a:pureftpd:pure-ftpd:0.94:::::::*
pureftpd	pure-ftpd	0.95	cpe:2.3:a:pureftpd:pure-ftpd:0.95:::::::*
pureftpd	pure-ftpd	0.95	cpe:2.3:a:pureftpd:pure-ftpd:0.95:pre1::::::
pureftpd	pure-ftpd	0.95	cpe:2.3:a:pureftpd:pure-ftpd:0.95:pre2::::::
pureftpd	pure-ftpd	0.95	cpe:2.3:a:pureftpd:pure-ftpd:0.95:pre3::::::