
    6 vulnerabilities by alexander_v._lukyanov

    CVE-2010-2251 (GCVE-0-2010-2251)

    Vulnerability from nvd – Published: 2010-07-06 14:00 – Updated: 2024-08-07 02:25
    Summary
    The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2010-03-25 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:25:07.558Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127411372529485\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0073"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602836"
              },
              {
                "name": "ADV-2010-1654",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1654"
              },
              {
                "name": "[oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127611288927500\u0026w=2"
              },
              {
                "name": "FEDORA-2010-9819",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043597.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ocert.org/advisories/ocert-2010-001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"
              },
              {
                "name": "SUSE-SR:2010:014",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
              },
              {
                "name": "40400",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40400"
              },
              {
                "name": "DSA-2085",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2010/dsa-2085"
              },
              {
                "name": "20101027 rPSA-2010-0073-1 lftp",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/514499/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://lftp.yar.ru/news.html"
              },
              {
                "name": "[oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127432968701342\u0026w=2"
              },
              {
                "name": "[oss-security] 20100610 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127620248914170\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "[oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127411372529485\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0073"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602836"
            },
            {
              "name": "ADV-2010-1654",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1654"
            },
            {
              "name": "[oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127611288927500\u0026w=2"
            },
            {
              "name": "FEDORA-2010-9819",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043597.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ocert.org/advisories/ocert-2010-001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"
            },
            {
              "name": "SUSE-SR:2010:014",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
            },
            {
              "name": "40400",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40400"
            },
            {
              "name": "DSA-2085",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2010/dsa-2085"
            },
            {
              "name": "20101027 rPSA-2010-0073-1 lftp",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/514499/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://lftp.yar.ru/news.html"
            },
            {
              "name": "[oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127432968701342\u0026w=2"
            },
            {
              "name": "[oss-security] 20100610 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127620248914170\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-2251",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127411372529485\u0026w=2"
                },
                {
                  "name": "http://wiki.rpath.com/Advisories:rPSA-2010-0073",
                  "refsource": "CONFIRM",
                  "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0073"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=602836",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602836"
                },
                {
                  "name": "ADV-2010-1654",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1654"
                },
                {
                  "name": "[oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127611288927500\u0026w=2"
                },
                {
                  "name": "FEDORA-2010-9819",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043597.html"
                },
                {
                  "name": "http://www.ocert.org/advisories/ocert-2010-001.html",
                  "refsource": "MISC",
                  "url": "http://www.ocert.org/advisories/ocert-2010-001.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=591580",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"
                },
                {
                  "name": "SUSE-SR:2010:014",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
                },
                {
                  "name": "40400",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40400"
                },
                {
                  "name": "DSA-2085",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2010/dsa-2085"
                },
                {
                  "name": "20101027 rPSA-2010-0073-1 lftp",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/514499/100/0/threaded"
                },
                {
                  "name": "http://lftp.yar.ru/news.html",
                  "refsource": "CONFIRM",
                  "url": "http://lftp.yar.ru/news.html"
                },
                {
                  "name": "[oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127432968701342\u0026w=2"
                },
                {
                  "name": "[oss-security] 20100610 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127620248914170\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-2251",
        "datePublished": "2010-07-06T14:00:00.000Z",
        "dateReserved": "2010-06-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:25:07.558Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2348 (GCVE-0-2007-2348)

    Vulnerability from nvd – Published: 2007-04-27 18:00 – Updated: 2024-08-07 13:33
    Summary
    mirror --script in lftp before 3.5.9 does not properly quote shell metacharacters, which might allow remote user-assisted attackers to execute shell commands via a malicious script. NOTE: it is not clear whether this issue crosses security boundaries, since the script already supports commands such as "get" which could overwrite executable files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/36559 third-party-advisory, x_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2007/1590 vdb-entry, x_refsource_VUPEN
    https://issues.rpath.com/browse/RPL-1229 x_refsource_CONFIRM
    http://bugs.gentoo.org/show_bug.cgi?id=173524 x_refsource_CONFIRM
    http://secunia.com/advisories/25107 third-party-advisory, x_refsource_SECUNIA
    http://rhn.redhat.com/errata/RHSA-2009-1278.html vendor-advisory, x_refsource_REDHAT
    http://www.securityfocus.com/bid/23736 vdb-entry, x_refsource_BID
    http://lftp.yar.ru/news.html x_refsource_CONFIRM
    http://secunia.com/advisories/25132 third-party-advisory, x_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entry, signature, x_refsource_OVAL
    Date Public
    2007-01-09 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.719Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "36559",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36559"
              },
              {
                "name": "ADV-2007-1590",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1590"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-1229"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=173524"
              },
              {
                "name": "25107",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25107"
              },
              {
                "name": "RHSA-2009:1278",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2009-1278.html"
              },
              {
                "name": "23736",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23736"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://lftp.yar.ru/news.html"
              },
              {
                "name": "25132",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25132"
              },
              {
                "name": "oval:org.mitre.oval:def:10806",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10806"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "mirror --script in lftp before 3.5.9 does not properly quote shell metacharacters, which might allow remote user-assisted attackers to execute shell commands via a malicious script.  NOTE: it is not clear whether this issue crosses security boundaries, since the script already supports commands such as \"get\" which could overwrite executable files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "36559",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36559"
            },
            {
              "name": "ADV-2007-1590",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1590"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-1229"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=173524"
            },
            {
              "name": "25107",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25107"
            },
            {
              "name": "RHSA-2009:1278",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2009-1278.html"
            },
            {
              "name": "23736",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23736"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://lftp.yar.ru/news.html"
            },
            {
              "name": "25132",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25132"
            },
            {
              "name": "oval:org.mitre.oval:def:10806",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10806"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2007-2348",
        "datePublished": "2007-04-27T18:00:00.000Z",
        "dateReserved": "2007-04-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.719Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0963 (GCVE-0-2003-0963)

    Vulnerability from nvd – Published: 2003-12-17 05:00 – Updated: 2024-08-08 02:12
    Summary
    Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    ftp://patches.sgi.com/support/free/security/advis… vendor-advisory, x_refsource_SGI
    http://marc.info/?l=bugtraq&m=107167974714484&w=2 mailing-list, x_refsource_BUGTRAQ
    http://www.redhat.com/support/errata/RHSA-2003-404.html vendor-advisory, x_refsource_REDHAT
    http://www.debian.org/security/2004/dsa-406 vendor-advisory, x_refsource_DEBIAN
    http://www.mandriva.com/security/advisories?name=… vendor-advisory, x_refsource_MANDRAKE
    http://secunia.com/advisories/10525 third-party-advisory, x_refsource_SECUNIA
    http://www.novell.com/linux/security/advisories/2… vendor-advisory, x_refsource_SUSE
    https://oval.cisecurity.org/repository/search/def… vdb-entry, signature, x_refsource_OVAL
    http://marc.info/?l=bugtraq&m=107126386226196&w=2 mailing-list, x_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=107177409418121&w=2 mailing-list, x_refsource_BUGTRAQ
    http://secunia.com/advisories/10548 third-party-advisory, x_refsource_SECUNIA
    ftp://patches.sgi.com/support/free/security/advis… vendor-advisory, x_refsource_SGI
    http://marc.info/?l=bugtraq&m=107340499504411&w=2 vendor-advisory, x_refsource_CONECTIVA
    http://www.redhat.com/support/errata/RHSA-2003-403.html vendor-advisory, x_refsource_REDHAT
    http://marc.info/?l=bugtraq&m=107152267121513&w=2 mailing-list, x_refsource_BUGTRAQ
    Date Public
    2003-12-12 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:12:35.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20040202-01-U",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
              },
              {
                "name": "20031217 [OpenPKG-SA-2003.053] OpenPKG Security Advisory (lftp)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107167974714484\u0026w=2"
              },
              {
                "name": "RHSA-2003:404",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-404.html"
              },
              {
                "name": "DSA-406",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-406"
              },
              {
                "name": "MDKSA-2003:116",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:116"
              },
              {
                "name": "10525",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10525"
              },
              {
                "name": "SuSE-SA:2003:051",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2003_051_lftp.html"
              },
              {
                "name": "oval:org.mitre.oval:def:11180",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11180"
              },
              {
                "name": "20031212 [slackware-security]  lftp security update (SSA:2003-346-01)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107126386226196\u0026w=2"
              },
              {
                "name": "20031218 GLSA: lftp (200312-07)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107177409418121\u0026w=2"
              },
              {
                "name": "10548",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10548"
              },
              {
                "name": "20040101-01-U",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20040101-01-U"
              },
              {
                "name": "CLA-2004:800",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107340499504411\u0026w=2"
              },
              {
                "name": "RHSA-2003:403",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-403.html"
              },
              {
                "name": "20031213 lftp buffer overflows",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107152267121513\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20040202-01-U",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
            },
            {
              "name": "20031217 [OpenPKG-SA-2003.053] OpenPKG Security Advisory (lftp)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107167974714484\u0026w=2"
            },
            {
              "name": "RHSA-2003:404",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-404.html"
            },
            {
              "name": "DSA-406",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-406"
            },
            {
              "name": "MDKSA-2003:116",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:116"
            },
            {
              "name": "10525",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10525"
            },
            {
              "name": "SuSE-SA:2003:051",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2003_051_lftp.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11180",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11180"
            },
            {
              "name": "20031212 [slackware-security]  lftp security update (SSA:2003-346-01)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107126386226196\u0026w=2"
            },
            {
              "name": "20031218 GLSA: lftp (200312-07)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107177409418121\u0026w=2"
            },
            {
              "name": "10548",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10548"
            },
            {
              "name": "20040101-01-U",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040101-01-U"
            },
            {
              "name": "CLA-2004:800",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107340499504411\u0026w=2"
            },
            {
              "name": "RHSA-2003:403",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-403.html"
            },
            {
              "name": "20031213 lftp buffer overflows",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107152267121513\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0963",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20040202-01-U",
                  "refsource": "SGI",
                  "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
                },
                {
                  "name": "20031217 [OpenPKG-SA-2003.053] OpenPKG Security Advisory (lftp)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107167974714484\u0026w=2"
                },
                {
                  "name": "RHSA-2003:404",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-404.html"
                },
                {
                  "name": "DSA-406",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-406"
                },
                {
                  "name": "MDKSA-2003:116",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:116"
                },
                {
                  "name": "10525",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10525"
                },
                {
                  "name": "SuSE-SA:2003:051",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2003_051_lftp.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:11180",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11180"
                },
                {
                  "name": "20031212 [slackware-security]  lftp security update (SSA:2003-346-01)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107126386226196\u0026w=2"
                },
                {
                  "name": "20031218 GLSA: lftp (200312-07)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107177409418121\u0026w=2"
                },
                {
                  "name": "10548",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10548"
                },
                {
                  "name": "20040101-01-U",
                  "refsource": "SGI",
                  "url": "ftp://patches.sgi.com/support/free/security/advisories/20040101-01-U"
                },
                {
                  "name": "CLA-2004:800",
                  "refsource": "CONECTIVA",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107340499504411\u0026w=2"
                },
                {
                  "name": "RHSA-2003:403",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-403.html"
                },
                {
                  "name": "20031213 lftp buffer overflows",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107152267121513\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0963",
        "datePublished": "2003-12-17T05:00:00.000Z",
        "dateReserved": "2003-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:12:35.281Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-2251 (GCVE-0-2010-2251)

    Vulnerability from cvelistv5 – Published: 2010-07-06 14:00 – Updated: 2024-08-07 02:25
    Summary
    The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    mitre
    Date Public
    2010-03-25 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T02:25:07.558Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127411372529485\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0073"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602836"
              },
              {
                "name": "ADV-2010-1654",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/1654"
              },
              {
                "name": "[oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127611288927500\u0026w=2"
              },
              {
                "name": "FEDORA-2010-9819",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043597.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.ocert.org/advisories/ocert-2010-001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"
              },
              {
                "name": "SUSE-SR:2010:014",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
              },
              {
                "name": "40400",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/40400"
              },
              {
                "name": "DSA-2085",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2010/dsa-2085"
              },
              {
                "name": "20101027 rPSA-2010-0073-1 lftp",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/514499/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://lftp.yar.ru/news.html"
              },
              {
                "name": "[oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127432968701342\u0026w=2"
              },
              {
                "name": "[oss-security] 20100610 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=oss-security\u0026m=127620248914170\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-03-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-10T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "[oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127411372529485\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0073"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602836"
            },
            {
              "name": "ADV-2010-1654",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1654"
            },
            {
              "name": "[oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127611288927500\u0026w=2"
            },
            {
              "name": "FEDORA-2010-9819",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043597.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.ocert.org/advisories/ocert-2010-001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"
            },
            {
              "name": "SUSE-SR:2010:014",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
            },
            {
              "name": "40400",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/40400"
            },
            {
              "name": "DSA-2085",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2010/dsa-2085"
            },
            {
              "name": "20101027 rPSA-2010-0073-1 lftp",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/514499/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://lftp.yar.ru/news.html"
            },
            {
              "name": "[oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127432968701342\u0026w=2"
            },
            {
              "name": "[oss-security] 20100610 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://marc.info/?l=oss-security\u0026m=127620248914170\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-2251",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127411372529485\u0026w=2"
                },
                {
                  "name": "http://wiki.rpath.com/Advisories:rPSA-2010-0073",
                  "refsource": "CONFIRM",
                  "url": "http://wiki.rpath.com/Advisories:rPSA-2010-0073"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=602836",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=602836"
                },
                {
                  "name": "ADV-2010-1654",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/1654"
                },
                {
                  "name": "[oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127611288927500\u0026w=2"
                },
                {
                  "name": "FEDORA-2010-9819",
                  "refsource": "FEDORA",
                  "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043597.html"
                },
                {
                  "name": "http://www.ocert.org/advisories/ocert-2010-001.html",
                  "refsource": "MISC",
                  "url": "http://www.ocert.org/advisories/ocert-2010-001.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=591580",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=591580"
                },
                {
                  "name": "SUSE-SR:2010:014",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
                },
                {
                  "name": "40400",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/40400"
                },
                {
                  "name": "DSA-2085",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2010/dsa-2085"
                },
                {
                  "name": "20101027 rPSA-2010-0073-1 lftp",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/514499/100/0/threaded"
                },
                {
                  "name": "http://lftp.yar.ru/news.html",
                  "refsource": "CONFIRM",
                  "url": "http://lftp.yar.ru/news.html"
                },
                {
                  "name": "[oss-security] 20100520 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127432968701342\u0026w=2"
                },
                {
                  "name": "[oss-security] 20100610 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability",
                  "refsource": "MLIST",
                  "url": "http://marc.info/?l=oss-security\u0026m=127620248914170\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-2251",
        "datePublished": "2010-07-06T14:00:00.000Z",
        "dateReserved": "2010-06-09T00:00:00.000Z",
        "dateUpdated": "2024-08-07T02:25:07.558Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-2348 (GCVE-0-2007-2348)

    Vulnerability from cvelistv5 – Published: 2007-04-27 18:00 – Updated: 2024-08-07 13:33
    Summary
    mirror --script in lftp before 3.5.9 does not properly quote shell metacharacters, which might allow remote user-assisted attackers to execute shell commands via a malicious script. NOTE: it is not clear whether this issue crosses security boundaries, since the script already supports commands such as "get" which could overwrite executable files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/36559 third-party-advisory, x_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2007/1590 vdb-entry, x_refsource_VUPEN
    https://issues.rpath.com/browse/RPL-1229 x_refsource_CONFIRM
    http://bugs.gentoo.org/show_bug.cgi?id=173524 x_refsource_CONFIRM
    http://secunia.com/advisories/25107 third-party-advisory, x_refsource_SECUNIA
    http://rhn.redhat.com/errata/RHSA-2009-1278.html vendor-advisory, x_refsource_REDHAT
    http://www.securityfocus.com/bid/23736 vdb-entry, x_refsource_BID
    http://lftp.yar.ru/news.html x_refsource_CONFIRM
    http://secunia.com/advisories/25132 third-party-advisory, x_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10806 vdb-entry, signature, x_refsource_OVAL
    Date Public
    2007-01-09 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T13:33:28.719Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "36559",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/36559"
              },
              {
                "name": "ADV-2007-1590",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/1590"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-1229"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.gentoo.org/show_bug.cgi?id=173524"
              },
              {
                "name": "25107",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25107"
              },
              {
                "name": "RHSA-2009:1278",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2009-1278.html"
              },
              {
                "name": "23736",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/23736"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://lftp.yar.ru/news.html"
              },
              {
                "name": "25132",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25132"
              },
              {
                "name": "oval:org.mitre.oval:def:10806",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10806"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-01-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "mirror --script in lftp before 3.5.9 does not properly quote shell metacharacters, which might allow remote user-assisted attackers to execute shell commands via a malicious script.  NOTE: it is not clear whether this issue crosses security boundaries, since the script already supports commands such as \"get\" which could overwrite executable files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "36559",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/36559"
            },
            {
              "name": "ADV-2007-1590",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/1590"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-1229"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=173524"
            },
            {
              "name": "25107",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25107"
            },
            {
              "name": "RHSA-2009:1278",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2009-1278.html"
            },
            {
              "name": "23736",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/23736"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://lftp.yar.ru/news.html"
            },
            {
              "name": "25132",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25132"
            },
            {
              "name": "oval:org.mitre.oval:def:10806",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10806"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2007-2348",
        "datePublished": "2007-04-27T18:00:00.000Z",
        "dateReserved": "2007-04-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T13:33:28.719Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0963 (GCVE-0-2003-0963)

    Vulnerability from cvelistv5 – Published: 2003-12-17 05:00 – Updated: 2024-08-08 02:12
    VLAI
    Summary
    Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc vendor-advisory, x_refsource_SGI
    http://marc.info/?l=bugtraq&m=107167974714484&w=2 mailing-list, x_refsource_BUGTRAQ
    http://www.redhat.com/support/errata/RHSA-2003-404.html vendor-advisory, x_refsource_REDHAT
    http://www.debian.org/security/2004/dsa-406 vendor-advisory, x_refsource_DEBIAN
    http://www.mandriva.com/security/advisories?name=MDKSA-2003:116 vendor-advisory, x_refsource_MANDRAKE
    http://secunia.com/advisories/10525 third-party-advisory, x_refsource_SECUNIA
    http://www.novell.com/linux/security/advisories/2003_051_lftp.html vendor-advisory, x_refsource_SUSE
    https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11180 vdb-entry, signature, x_refsource_OVAL
    http://marc.info/?l=bugtraq&m=107126386226196&w=2 mailing-list, x_refsource_BUGTRAQ
    http://marc.info/?l=bugtraq&m=107177409418121&w=2 mailing-list, x_refsource_BUGTRAQ
    http://secunia.com/advisories/10548 third-party-advisory, x_refsource_SECUNIA
    ftp://patches.sgi.com/support/free/security/advisories/20040101-01-U vendor-advisory, x_refsource_SGI
    http://marc.info/?l=bugtraq&m=107340499504411&w=2 vendor-advisory, x_refsource_CONECTIVA
    http://www.redhat.com/support/errata/RHSA-2003-403.html vendor-advisory, x_refsource_REDHAT
    http://marc.info/?l=bugtraq&m=107152267121513&w=2 mailing-list, x_refsource_BUGTRAQ
    Date Public
    2003-12-12 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:12:35.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20040202-01-U",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
              },
              {
                "name": "20031217 [OpenPKG-SA-2003.053] OpenPKG Security Advisory (lftp)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107167974714484\u0026w=2"
              },
              {
                "name": "RHSA-2003:404",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-404.html"
              },
              {
                "name": "DSA-406",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-406"
              },
              {
                "name": "MDKSA-2003:116",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:116"
              },
              {
                "name": "10525",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10525"
              },
              {
                "name": "SuSE-SA:2003:051",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2003_051_lftp.html"
              },
              {
                "name": "oval:org.mitre.oval:def:11180",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11180"
              },
              {
                "name": "20031212 [slackware-security]  lftp security update (SSA:2003-346-01)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107126386226196\u0026w=2"
              },
              {
                "name": "20031218 GLSA: lftp (200312-07)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107177409418121\u0026w=2"
              },
              {
                "name": "10548",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10548"
              },
              {
                "name": "20040101-01-U",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20040101-01-U"
              },
              {
                "name": "CLA-2004:800",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107340499504411\u0026w=2"
              },
              {
                "name": "RHSA-2003:403",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-403.html"
              },
              {
                "name": "20031213 lftp buffer overflows",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=107152267121513\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20040202-01-U",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
            },
            {
              "name": "20031217 [OpenPKG-SA-2003.053] OpenPKG Security Advisory (lftp)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107167974714484\u0026w=2"
            },
            {
              "name": "RHSA-2003:404",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-404.html"
            },
            {
              "name": "DSA-406",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-406"
            },
            {
              "name": "MDKSA-2003:116",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:116"
            },
            {
              "name": "10525",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10525"
            },
            {
              "name": "SuSE-SA:2003:051",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2003_051_lftp.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11180",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11180"
            },
            {
              "name": "20031212 [slackware-security]  lftp security update (SSA:2003-346-01)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107126386226196\u0026w=2"
            },
            {
              "name": "20031218 GLSA: lftp (200312-07)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107177409418121\u0026w=2"
            },
            {
              "name": "10548",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10548"
            },
            {
              "name": "20040101-01-U",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20040101-01-U"
            },
            {
              "name": "CLA-2004:800",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107340499504411\u0026w=2"
            },
            {
              "name": "RHSA-2003:403",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-403.html"
            },
            {
              "name": "20031213 lftp buffer overflows",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=107152267121513\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0963",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20040202-01-U",
                  "refsource": "SGI",
                  "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
                },
                {
                  "name": "20031217 [OpenPKG-SA-2003.053] OpenPKG Security Advisory (lftp)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107167974714484\u0026w=2"
                },
                {
                  "name": "RHSA-2003:404",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-404.html"
                },
                {
                  "name": "DSA-406",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-406"
                },
                {
                  "name": "MDKSA-2003:116",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:116"
                },
                {
                  "name": "10525",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10525"
                },
                {
                  "name": "SuSE-SA:2003:051",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2003_051_lftp.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:11180",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11180"
                },
                {
                  "name": "20031212 [slackware-security]  lftp security update (SSA:2003-346-01)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107126386226196\u0026w=2"
                },
                {
                  "name": "20031218 GLSA: lftp (200312-07)",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107177409418121\u0026w=2"
                },
                {
                  "name": "10548",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10548"
                },
                {
                  "name": "20040101-01-U",
                  "refsource": "SGI",
                  "url": "ftp://patches.sgi.com/support/free/security/advisories/20040101-01-U"
                },
                {
                  "name": "CLA-2004:800",
                  "refsource": "CONECTIVA",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107340499504411\u0026w=2"
                },
                {
                  "name": "RHSA-2003:403",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-403.html"
                },
                {
                  "name": "20031213 lftp buffer overflows",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=107152267121513\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0963",
        "datePublished": "2003-12-17T05:00:00.000Z",
        "dateReserved": "2003-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:12:35.281Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }