|
Family: Debian Local Security Checks --> Category: infos
[DSA406] DSA-406-1 lftp Vulnerability Scan
Vulnerability Scan Summary DSA-406-1 lftp
Detailed Explanation for this Vulnerability Test
Ulf Härnhammar discovered a buffer overflow in lftp, a set of
sophisticated command-line FTP/HTTP client programs. A possible hacker
could create a carefully crafted directory on a website so that the
execution of an 'ls' or 'rels' command would lead to the execution of
arbitrary code on the client machine.
For the stable distribution (woody) this problem has been fixed in
version 2.4.9-1woody2.
For the unstable distribution (sid) this problem has been fixed in
version 2.6.10-1.
Solution : http://www.debian.org/security/2004/dsa-406
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|