MiracleLinux 7 : lftp-4.4.8-12.el7 (AXSA:2020-4561:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4561:02 advisory. lftp: particular remote file names may lead to current working directory erased CVE-2018-10916 Tenable has extracted the preceding description block directly...

EUVD-2010-2263

Malware in sbrugna...

EUVD-2018-2971

Malware in sbrugna...

EUVD-2007-2343

Malware in sbrugna...

The vulnerability of the console-based FTP client lftp arises from insufficient validation of input data, allowing a hacker to delete files from the system’s current working directory.

The vulnerability of the console-based FTP client lftp exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to delete files from the current working directory of the system remotely...

USN-3731-1: LFTP vulnerability

It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

USN-3731-1 lftp vulnerability

It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...

Ubuntu Update for lftp vulnerability USN-984-1

Ubuntu Update for Linux kernel vulnerabilities USN-984-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9841.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for lftp vulnerability USN-984-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

CVE-2010-2251

The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted...

DEBIAN-CVE-2007-2348

mirror --script in lftp before 3.5.9 does not properly quote shell metacharacters, which might allow remote user-assisted attackers to execute shell commands via a malicious script. NOTE: it is not clear whether this issue crosses security boundaries, since the script already supports commands su...

CVE-2007-2348

mirror --script in lftp before 3.5.9 does not properly quote shell metacharacters, which might allow remote user-assisted attackers to execute shell commands via a malicious script. NOTE: it is not clear whether this issue crosses security boundaries, since the script already supports commands su...

Debian DSA-406-1 : lftp - buffer overflow

Ulf Harnhammar discovered a buffer overflow in lftp, a set of sophisticated command-line FTP/HTTP client programs. An attacker could create a carefully crafted directory on a website so that the execution of an 'ls' or 'rels' command would lead to the execution of arbitrary code on the client...

SuSE-SA:2003:051: lftp

The remote host is missing the patch for the advisory SuSE-SA:2003:051 lftp. The the flexible and powerful FTP command-line client lftp is vulnerable to two remote buffer overflows. When using lftp via HTTP or HTTPS to execute commands like 'ls' or 'rels' specially prepared directories on the...

lftp <= 2.6.9 Remote Stack based Overflow Exploit

No description provided by source. / lftp remote stack-based overflow exploit by Li0n7 voila fr Vulnerability discovered by Ulf Harnhammar Ulf.Harnhammar.9485 student uu se Lftp versions later than 2.6.10 are prone to a remotly exploitable stack-based overflow in trynetscapeproxy and trysquideplf...

lftp 2.6.9 - Remote Stack Overflow

lftp 2.6.9 - Remote Stack Overflow / lftp remote stack-based overflow exploit by Li0n7 voila fr Vulnerability discovered by Ulf Harnhammar Ulf.Harnhammar.9485 student uu se Lftp versions later than 2.6.10 are prone to a remotly exploitable stack-based overflow in trynetscapeproxy and trysquideplf...

CVE-2003-0963

Buffer overflows in 1 trynetscapeproxy and 2 trysquideplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands...

CVE-2003-0963

Buffer overflows in 1 trynetscapeproxy and 2 trysquideplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands...

CVE-2003-0963

Buffer overflows in 1 trynetscapeproxy and 2 trysquideplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands...

lftp HTML parsing vulnerability

A buffer overflow exists in lftp which may be triggered when requesting a directory listing from a malicious server over HTTP...