CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-12170

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0080%
EPSS Percentile42.43th
Published2017年9月21日
Last Modified2026年5月13日

Vulnerability Description

Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related configuration. This issue doesn't affect upstream version of pure-ftpd.

Affected Platforms (CPE)

📦
Pureftpd

Pure Ftpd

= 1.0.46-1
💻
Fedoraproject

Fedora

= 26
💻
Fedoraproject

Fedora

= 27

References & Advisories

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1493114
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1493114

関連する脆弱性情報

CVE-2020-93657.5

An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.

CVE-2020-92747.5

An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked lis...

CVE-2020-353597.5

Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection li...

CVE-2019-201767.5

In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c.