postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2001-09-18T04:00:00

Updated: 2024-08-08T04:21:38.530Z

Reserved: 2001-05-24T00:00:00

Link: CVE-2001-0456

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2001-06-27T04:00:00.000

Modified: 2024-11-20T23:35:24.583

Link: CVE-2001-0456

cve-icon Redhat

No data.