World-writeable directory vulnerability in pure-ftpd 1.0.22 on SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions
CVE-2011-0988 · MEDIUM Severity
AV:L/AC:M/AU:N/C:P/I:P/A:P
pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors.
Learn more about our Cis Benchmark Audit For Desktop Software.