remote command execution in lukemftp, nkitb, nkitserv

2002-05-1611:50:45

lists.opensuse.org

0.004 Low

EPSS

Percentile

73.7%

JSON

Lukemftp (ftp(1), /usr/bin/ftp, /usr/bin/pftp) is a compfortable ftp client from NetBSD. A buffer overflow could be triggered by an malicious ftp server while the client parses the PASV ftp command. An attacker who control an ftp server to which a client using lukemftp is connected can gain remote access to the clients machine with the privileges of the user running lukeftp.

OSVersionArchitecturePackageVersionFilename
openSUSE7.0ppcnkitb< 2002.5.8-0nkitb-2002.5.8-0.ppc.rpm
openSUSE7.0sparcnkitb< 2002.5.8-0nkitb-2002.5.8-0.sparc.rpm
openSUSE7.0ppcnkitserv< 2002.5.8-0nkitserv-2002.5.8-0.ppc.rpm
openSUSE6.4ppcnkitb< 2002.5.9-0nkitb-2002.5.9-0.ppc.rpm
openSUSE7.1alphalukemftp< 1.5-89lukemftp-1.5-89.alpha.rpm
openSUSE7.3ppclukemftp< 1.5-154lukemftp-1.5-154.ppc.rpm
openSUSE7.2i386lukemftp< 1.5-256lukemftp-1.5-256.i386.rpm
openSUSE7.1ppclukemftp< 1.5-150lukemftp-1.5-150.ppc.rpm
openSUSE6.4i386nkitb< 2002.5.9-0nkitb-2002.5.9-0.i386.rpm
openSUSE7.0i386nkitserv< 2002.5.8-0nkitserv-2002.5.8-0.i386.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE	7.0	ppc	nkitb	< 2002.5.8-0	nkitb-2002.5.8-0.ppc.rpm
openSUSE	7.0	sparc	nkitb	< 2002.5.8-0	nkitb-2002.5.8-0.sparc.rpm
openSUSE	7.0	ppc	nkitserv	< 2002.5.8-0	nkitserv-2002.5.8-0.ppc.rpm
openSUSE	6.4	ppc	nkitb	< 2002.5.9-0	nkitb-2002.5.9-0.ppc.rpm
openSUSE	7.1	alpha	lukemftp	< 1.5-89	lukemftp-1.5-89.alpha.rpm
openSUSE	7.3	ppc	lukemftp	< 1.5-154	lukemftp-1.5-154.ppc.rpm
openSUSE	7.2	i386	lukemftp	< 1.5-256	lukemftp-1.5-256.i386.rpm
openSUSE	7.1	ppc	lukemftp	< 1.5-150	lukemftp-1.5-150.ppc.rpm
openSUSE	6.4	i386	nkitb	< 2002.5.9-0	nkitb-2002.5.9-0.i386.rpm
openSUSE	7.0	i386	nkitserv	< 2002.5.8-0	nkitserv-2002.5.8-0.i386.rpm

Rows per page:

1-10 of 201

0.004 Low

EPSS

Percentile

73.7%

JSON

Related for SUSE-SA:2002:018