CVE-2004-0432 Information

Description

ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll which could allow FTP clients to bypass intended access restrictions.

Reference

http://bugs.proftpd.org/show_bug.cgi?id=2267 http://marc.info/?l=bugtraq&m=108335030208523&w=2 http://marc.info/?l=bugtraq&m=108335051011341&w=2 http://secunia.com/advisories/11527 http://www.mandriva.com/security/advisories?name=MDKSA-2004:041 http://www.securityfocus.com/bid/10252 https://exchange.xforce.ibmcloud.com/vulnerabilities/16038