Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for pure-ftpd by Red Hat, Inc.

    CVE-2017-12170 (GCVE-0-2017-12170)

    Vulnerability from nvd – Published: 2017-09-21 20:00 – Updated: 2024-08-05 18:28
    VLAI
    Summary
    Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related configuration. This issue doesn't affect upstream version of pure-ftpd.
    Severity
    No CVSS data available.
    CWE
    • unsafe configuration
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat, Inc. pure-ftpd Affected: Fedora downstream version pure-ftpd-1.0.46-1
    Create a notification for this product.
    Date Public
    2017-08-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T18:28:16.541Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493114"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pure-ftpd",
              "vendor": "Red Hat, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Fedora downstream version pure-ftpd-1.0.46-1"
                }
              ]
            }
          ],
          "datePublic": "2017-08-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related configuration. This issue doesn\u0027t affect upstream version of pure-ftpd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "unsafe configuration",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-21T19:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493114"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2017-12170",
        "datePublished": "2017-09-21T20:00:00.000Z",
        "dateReserved": "2017-08-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T18:28:16.541Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-12170 (GCVE-0-2017-12170)

    Vulnerability from cvelistv5 – Published: 2017-09-21 20:00 – Updated: 2024-08-05 18:28
    VLAI
    Summary
    Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related configuration. This issue doesn't affect upstream version of pure-ftpd.
    Severity
    No CVSS data available.
    CWE
    • unsafe configuration
    Assigner
    References
    Impacted products
    Vendor Product Version
    Red Hat, Inc. pure-ftpd Affected: Fedora downstream version pure-ftpd-1.0.46-1
    Create a notification for this product.
    Date Public
    2017-08-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T18:28:16.541Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493114"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pure-ftpd",
              "vendor": "Red Hat, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Fedora downstream version pure-ftpd-1.0.46-1"
                }
              ]
            }
          ],
          "datePublic": "2017-08-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related configuration. This issue doesn\u0027t affect upstream version of pure-ftpd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "unsafe configuration",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-21T19:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493114"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2017-12170",
        "datePublished": "2017-09-21T20:00:00.000Z",
        "dateReserved": "2017-08-01T00:00:00.000Z",
        "dateUpdated": "2024-08-05T18:28:16.541Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }