4 matches found
FreeBSD Ports: tnftp
The remote host is missing an update to the system as announced in the referenced advisory. VID f92e1bbc-5e18-11d9-839a-0050da134090 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
GLSA-200501-24 : tnftp: Arbitrary file overwriting
The remote host is affected by the vulnerability described in GLSA-200501-24 tnftp: Arbitrary file overwriting The 'mget' function in cmds.c lacks validation of the filenames that are supplied by the server. Impact : An attacker running an FTP server could supply clients with malicious filenames,...
CVE-2004-1294
The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / slash characters...
CVE-2004-1294
The CVE-2004-1294 issue affects tnftp (2003-08-25 build) where the mget function in cmds.c does not validate server-supplied filenames containing /, allowing a remote FTP server to overwrite arbitrary files on the client system. This could occur when processing responses that include such filenam...