Summary: | net-ftp/tnftp-20030825: does not check for directory escapes | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sascha Silbe <sascha-gentoo-bugzilla> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | g2boojum |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Sascha Silbe
2004-12-16 15:46:39 UTC
Grant, you committed the ebuild... maybe you can verify/advise

_______

http://securitytracker.com/alerts/2004/Dec/1012589.html
http://secunia.com/advisories/13516/

======================================================
Candidate: CAN-2004-1294
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1294
Reference: MISC:http://tigger.uic.edu/~jlongs2/holes/tnftp.txt

The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary files via FTP responses containing file names with / (slash) characters.
======================================================

This is http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=285902
But they don't seem to find much more than we do.

Version bumped to fix the security hole. Need testing by sparc, ppc, alpha, and amd64, please.

Stable on sparc.

Was never stable on ppc and amd64, removing them from Cc...

Stable on alpha.

GLSA 200501-24
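The CVE text quoted in this report describes server-supplied file names containing `/` being used as local paths. The following is an added example, not code from tnftp or from the Gentoo ebuild, of a client-side check that rejects such names before any local file is opened; the function names `mget_name_is_safe` and `mget_filter_names` and the sample names are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not tnftp code): may a name sent by the server
 * during a multi-file download be used as a local file name in the
 * current directory? */
bool mget_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return false;
    /* A slash lets the server pick the directory: absolute paths
     * ("/etc/passwd") and traversals ("../x") both contain one. */
    if (strchr(name, '/') != NULL)
        return false;
    /* "." and ".." are directories, never a file to create. */
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return false;
    /* Reject control characters, e.g. an embedded CR or LF. */
    for (const unsigned char *p = (const unsigned char *)name; *p; p++)
        if (*p < 0x20 || *p == 0x7f)
            return false;
    return true;
}

/* Compact the list in place, keeping only safe names; returns the count. */
size_t mget_filter_names(const char **names, size_t n)
{
    size_t kept = 0;
    for (size_t i = 0; i < n; i++)
        if (mget_name_is_safe(names[i]))
            names[kept++] = names[i];
    return kept;
}

int main(void)
{
    /* Constructed sample of names a server might return. */
    const char *names[] = { "a.txt", "../x", "/tmp/y", "b.txt", "." };
    size_t kept = mget_filter_names(names, sizeof names / sizeof names[0]);
    for (size_t i = 0; i < kept; i++)
        printf("accept: %s\n", names[i]);
    return 0;
}
```

This filter is deliberately strict: it also rejects names under a remote subdirectory the user explicitly asked for, which a real client would need to handle by comparing each returned name against the requested pattern.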