[Proftpd-user] Bug 4169

[Mark M. <mos...@gm...>]

http://bugs.proftpd.org/show_bug.cgi?id=4169

We're investigating this and it still seems like it's exploitable on
1.3.6rc2. I just ran through the same steps in the above link on a freshly
rolled 1.3.6rc2 and it copied /etc/passwd to /tmp/passwd.copy

Looking at the git commits, the entry that says it fixes 4169 doesn't have
any code that seems to be related (there's a single mod_sftp patch).