Yes that was my initial concern, but I am fairly certain that this hasn't happened and I can login via ssh and all the directorys are writable. I have logwatch notify me every day and I have seen nothing out of the ordinary, I'm not running awstats or phpmyadmin because of the security holes, I'm very puzzled and a little concerned, but will look into it further.
Cheers.
Edit
This write variable in vsftp.conf was disabled, I think I fiddled with that a while ago, but I am fairly confident that if my box was hacked that people would not be making it harder to write files

but it's good because now I can ftp files. Gonna keep and eye on things though.
Cheers.