1
PublicDateAtUSN: 2010-07-06
2
Candidate: CVE-2010-2251
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2251
6
http://www.ocert.org/advisories/ocert-2010-001.html
7
http://www.debian.org/security/2010/dsa-2085
8
https://usn.ubuntu.com/usn/usn-984-1
10
The get1 command, as used by lftpget, in LFTP before 4.0.6 does not
11
properly validate a server-provided filename before determining the
12
destination filename of a download, which allows remote servers to create
13
or overwrite arbitrary files via a Content-Disposition header that suggests
14
a crafted filename, and possibly execute arbitrary code as a consequence of
15
writing to a dotfile in a home directory.
18
mdeslaur> dapper's lftp is too old to support server-suggested filenames
20
https://bugzilla.redhat.com/show_bug.cgi?id=602836
21
https://bugzilla.redhat.com/show_bug.cgi?id=591580
27
upstream_lftp: released (4.0.6)
28
dapper_lftp: not-affected (code not present)
29
hardy_lftp: released (3.6.1-1ubuntu0.1)
30
jaunty_lftp: released (3.7.8-1ubuntu0.1)
31
karmic_lftp: released (3.7.15-1ubuntu2.1)
32
lucid_lftp: released (4.0.2-1ubuntu0.1)
33
devel_lftp: not-affected (4.0.6-1)