ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.Referenceshttp://www.securityfocus.com/bid/10252https://exchange.xforce.ibmcloud.com/vulnerabilities/16038http://marc.info/?l=bugtraq&m=108335051011341&w=2http://bugs.proftpd.org/show_bug.cgi?id=2267http://marc.info/?l=bugtraq&m=108335030208523&w=2http://secunia.com/advisories/11527http://www.mandriva.com/security/advisories?name=MDKSA-2004:041
