9 matches found
FreeBSD Ports: lftp
The remote host is missing an update to the system as announced in the referenced advisory. VID d7af61c8-2cc0-11d8-9355-0020ed76ef5a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: lftp
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian Security Advisory DSA 406-1 (lftp)
The remote host is missing an update to lftp announced via advisory DSA 406-1. OpenVAS Vulnerability Test $Id: deb4061.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 406-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Mandrake Linux Security Advisory : lftp (MDKSA-2003:116)
A buffer overflow vulnerability was discovered by Ulf Harnhammar in the lftp FTP client when connecting to a web server using HTTP or HTTPS and using the 'ls' or 'rels' command on specially prepared directory. This vulnerability exists in lftp versions 2.3.0 through 2.6.9 and is corrected upstrea...
Fedora Core 1 : lftp (2003-034)
Ulf Harnhammar found a remotely-triggerable buffer overflow in lftp. An attacker could create a carefully crafted directory on a website such that, if a user connects to that directory using the lftp client and subsequently issues a 'ls' or 'rels' command, the attacker could execute arbitrary cod...
RHEL 2.1 / 3 : lftp (RHSA-2003:404)
Updated lftp packages are now available that fix a buffer overflow security vulnerability. lftp is a command-line file transfer program supporting FTP and HTTP protocols. Ulf Harnhammar discovered a buffer overflow bug in versions of lftp up to and including 2.6.9. An attacker could create a...
CVE-2003-0963
Buffer overflows in 1 trynetscapeproxy and 2 trysquideplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands...
CVE-2003-0963
Buffer overflows in 1 trynetscapeproxy and 2 trysquideplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands...
CVE-2003-0963
CVE-2003-0963 covers a buffer overflow in lftp up to version 2.6.9 (and earlier) triggered by long directory names processed by the ls or rels commands when contacting remote HTTP servers. Public advisories (e.g., Debian DSA-406, Mandrake MDKSA-2003:116) note that the flaw could allow remote code...