Lucene search
GoogleOSV:DSA-406HistoryJan 05, 2004 - 12:00 a.m.
lftp - buffer overflow
2004-01-0500:00:00
Google
osv.dev
9
EPSS
0.017
Percentile
88.0%
Ulf Härnhammar discovered a buffer overflow in lftp, a set of
sophisticated command-line FTP/HTTP client programs. An attacker
could create a carefully crafted directory on a website so that the
execution of an ‘ls’ or ‘rels’ command would lead to the execution of
arbitrary code on the client machine.
For the stable distribution (woody) this problem has been fixed in
version 2.4.9-1woody2.
For the unstable distribution (sid) this problem has been fixed in
version 2.6.10-1.
References
Related
freebsd
freebsd
lftp HTML parsing vulnerability
2003-12-11 00:00:00
openvas
openvas
FreeBSD Ports: lftp
2008-09-04 00:00:00
FreeBSD Ports: lftp
2008-09-04 00:00:00
Debian: Security Advisory (DSA-406)
2008-01-17 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : lftp (MDKSA-2003:116)
2004-07-31 00:00:00
Debian DSA-406-1 : lftp - buffer overflow
2004-09-29 00:00:00
FreeBSD : lftp HTML parsing vulnerability (89)
2004-07-06 00:00:00
redhat
redhat
(RHSA-2003:404) lftp security update
2003-12-16 00:00:00
suse
suse
remote system compromise in lftp
2003-12-15 13:35:24
debian
debian
[SECURITY] [DSA 406-1] New lftp packages fix arbitrary code execution
2004-01-05 06:50:23
[SECURITY] [DSA 406-1] New lftp packages fix arbitrary code execution
2004-01-05 06:50:23
cve
cve
CVE-2003-0963
2004-01-05 05:00:00
debiancve
debiancve
CVE-2003-0963
2004-01-05 05:00:00
exploitdb
exploitdb
lftp 2.6.9 - Remote Stack Overflow
2004-01-14 00:00:00
cvelist
cvelist
CVE-2003-0963
2003-12-17 05:00:00
nvd
nvd
CVE-2003-0963
2004-01-05 05:00:00