23 matches found
MiracleLinux 7 : lftp-4.4.8-12.el7 (AXSA:2020-4561:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4561:02 advisory. lftp: particular remote file names may lead to current working directory erased CVE-2018-10916 Tenable has extracted the preceding description block directly...
RHEL 6 : lftp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - lftp: particular remote file names may lead to current working directory erased CVE-2018-10916 Note that Nessus has...
Oracle Linux 7 : lftp (ELSA-2020-1045)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1045 advisory. 4.4.8-12 - Resolves: 1611641 - CVE-2018-10916 lftp: particular remote file names may lead to current working directory erased Tenable has extracted the precedin...
SUSE: Security Advisory (SUSE-SU-2019:0643-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0642-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : lftp Vulnerability (NS-SA-2020-0068)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has lftp packages installed that are affected by a vulnerability: - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local...
NewStart CGSL CORE 5.05 / MAIN 5.05 : lftp Vulnerability (NS-SA-2020-0103)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has lftp packages installed that are affected by a vulnerability: - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local...
Amazon Linux 2 : lftp (ALAS-2020-1453)
The version of lftp installed on the remote host is prior to 4.4.8-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1453 advisory. It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of...
Medium: lftp
Issue Overview: It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled...
Huawei EulerOS: Security Advisory for lftp (EulerOS-SA-2020-1756)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : lftp (ALAS-2020-1383)
The version of lftp installed on the remote host is prior to 4.4.8-12.30. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1383 advisory. It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss ...
Medium: lftp
Issue Overview: It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled...
lftp security update
4.4.8-12 - Resolves: 1611641 - CVE-2018-10916 lftp: particular remote file names may lead to current working directory erased...
Huawei EulerOS: Security Advisory for lftp (EulerOS-SA-2020-1259)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for lftp (EulerOS-SA-2019-2485)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : lftp (EulerOS-SA-2019-2603)
According to the version of the lftp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the...
EulerOS 2.0 SP2 : lftp (EulerOS-SA-2019-2485)
According to the version of the lftp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the...
EulerOS 2.0 SP5 : lftp (EulerOS-SA-2019-2165)
According to the version of the lftp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the...
OPENSUSE-SU-2019:1110-1 Security update for lftp
This update for lftp fixes the following issues: Security issue fixed: - CVE-2018-10916: Fixed an improper file name sanitization which could lead to loss of integrity of the local system bsc1103367. Other issue addressed: - The SSH login handling code detects password prompts more reliably...
SuSE Update for lftp openSUSE-SU-2019:1059-1 (lftp)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...