CVE-2017-7418
NONE EPSS 33.6%
Published Apr 4, 2017 · Last Modified Jun 17, 2026
Description
ProFTPD before 1.3.5e, and 1.3.6 before 1.3.6rc5, controls whether the home directory of a user may contain a symbolic link through the AllowChrootSymlinks configuration option, but enforces AllowChrootSymlinks by checking only the last component of the home directory path. An attacker with local access can bypass the control by replacing a path component other than the last one with a symbolic link: lstat() on the final component sees an ordinary directory, while the kernel silently follows the symlink in the parent during path resolution. The threat model includes an attacker who is not granted full filesystem access by a hosting provider but can reconfigure the home directory of an FTP user. Fixed in 1.3.5e and 1.3.6rc5 (see the commits under References).
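The following is an added example written for this page; it is not ProFTPD code and does not reproduce the project's fix. It shows the flawed last-component-only check beside a per-component walk, run against a constructed directory tree that models the advisory's scenario (a home whose parent directory has been replaced by a symlink). Assumptions: a POSIX system, a writable /tmp, and that the fixture names (real/ftp, evil, linkhome) are illustrative only.

```c
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Flawed AllowChrootSymlinks-style check: looks only at the final component.
 * lstat() does not follow a symlink in the LAST component, but the kernel still
 * follows symlinks in every earlier component while resolving the path, so a
 * hijacked parent directory is invisible here.
 * Returns 1 = symlink, 0 = not a symlink, -1 = error. */
static int last_component_is_symlink(const char *path) {
    struct stat st;
    if (lstat(path, &st) != 0) return -1;
    return S_ISLNK(st.st_mode) ? 1 : 0;
}

/* Corrected check: lstat() every prefix of the absolute path ("/a", "/a/b", ...)
 * and reject if any prefix is a symlink. Empty components ("//", trailing "/")
 * are skipped because lstat("dir/") would follow a symlink named "dir". */
static int any_component_is_symlink(const char *path) {
    char buf[PATH_MAX];
    size_t len = strlen(path);
    if (len == 0 || len >= sizeof buf || path[0] != '/') return -1;
    memcpy(buf, path, len + 1);
    for (size_t i = 1; i <= len; i++) {
        if (buf[i] != '/' && buf[i] != '\0') continue;  /* not a component end */
        if (buf[i - 1] == '/') continue;                /* empty component */
        char saved = buf[i];
        struct stat st;
        buf[i] = '\0';
        if (lstat(buf, &st) != 0) return -1;
        if (S_ISLNK(st.st_mode)) return 1;
        buf[i] = saved;
    }
    return 0;
}

/* Constructed fixture (assumption: /tmp is writable). The real home is
 * <base>/real/ftp. An attacker who controls the parent adds <base>/evil -> real,
 * so <base>/evil/ftp ends in a plain directory but passes through a symlink.
 * <base>/linkhome -> real/ftp is the simple case both checks catch. */
static int build_fixture(char *base, size_t n) {
    char tmp[] = "/tmp/chrootsymXXXXXX";
    char p[PATH_MAX];
    if (mkdtemp(tmp) == NULL) return -1;
    /* realpath() so the fixture base itself contains no symlinks
     * (e.g. /tmp -> /private/tmp on macOS would trip the per-component walk). */
    if (realpath(tmp, p) == NULL || strlen(p) >= n) { rmdir(tmp); return -1; }
    strcpy(base, p);
    snprintf(p, sizeof p, "%s/real", base);
    if (mkdir(p, 0755) != 0) return -1;
    snprintf(p, sizeof p, "%s/real/ftp", base);
    if (mkdir(p, 0755) != 0) return -1;
    snprintf(p, sizeof p, "%s/evil", base);
    if (symlink("real", p) != 0) return -1;
    snprintf(p, sizeof p, "%s/linkhome", base);
    if (symlink("real/ftp", p) != 0) return -1;
    return 0;
}

static void remove_fixture(const char *base) {
    char p[PATH_MAX];
    snprintf(p, sizeof p, "%s/linkhome", base); unlink(p);
    snprintf(p, sizeof p, "%s/evil", base);     unlink(p);
    snprintf(p, sizeof p, "%s/real/ftp", base); rmdir(p);
    snprintf(p, sizeof p, "%s/real", base);     rmdir(p);
    rmdir(base);
}

/* Build the fixture, evaluate one candidate home with either check, tear down,
 * and return the verdict (1 = symlink found, 0 = clean, -1 = error). */
static int scenario(const char *home_rel, int per_component) {
    char base[PATH_MAX], home[PATH_MAX];
    int rc;
    if (build_fixture(base, sizeof base) != 0) return -1;
    if (snprintf(home, sizeof home, "%s/%s", base, home_rel) >= (int)sizeof home) {
        remove_fixture(base);
        return -1;
    }
    rc = per_component ? any_component_is_symlink(home)
                       : last_component_is_symlink(home);
    remove_fixture(base);
    return rc;
}

int main(void) {
    /* Prints: real/ftp 0 0, linkhome 1 1, evil/ftp 0 1 (the bypass). */
    const char *homes[] = { "real/ftp", "linkhome", "evil/ftp" };
    for (size_t i = 0; i < 3; i++)
        printf("%-10s last-component=%d per-component=%d\n",
               homes[i], scenario(homes[i], 0), scenario(homes[i], 1));
    return 0;
}
```

The evil/ftp row is the vulnerability: the last-component check accepts the home because ftp itself is a directory, while the per-component walk rejects it at the evil symlink. On a server that cannot yet be upgraded, the same per-component walk over every FTP user's configured home is the audit a practitioner would run, since the configured home is exactly what an attacker in this threat model can change.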
Threat Intelligence
EPSS Exploit Probability: 33.6%
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses (1)
CWE-59: Improper Link Resolution Before File Access ('Link Following')
Affected Products (6)
References (8)
- bugs.proftpd.org http://bugs.proftpd.org/show_bug.cgi?id=4295
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00004.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00022.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00009.html
- securityfocus.com http://www.securityfocus.com/bid/97409
- github.com https://github.com/proftpd/proftpd/commit/ecff21e0d0e84f35c299ef91d7fda088e516d4ed
- github.com https://github.com/proftpd/proftpd/commit/f59593e6ff730b832dbe8754916cb5c821db579f
- github.com https://github.com/proftpd/proftpd/pull/444/commits/349addc3be4fcdad9bd4ec01ad1ccd916c898ed8
Remediation
- bugs.proftpd.org http://bugs.proftpd.org/show_bug.cgi?id=4295
- github.com https://github.com/proftpd/proftpd/commit/ecff21e0d0e84f35c299ef91d7fda088e516d4ed
- github.com https://github.com/proftpd/proftpd/commit/f59593e6ff730b832dbe8754916cb5c821db579f
- github.com https://github.com/proftpd/proftpd/pull/444/commits/349addc3be4fcdad9bd4ec01ad1ccd916c898ed8