Users of lftp please be advised of an overwrite arbitrary vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
rPSA-2010-0073-1: [rPSA-2010-0073-1] lftp
Description:
Previous versions of lftp contain a bug which could allow a remote
server to create or overwrite arbitrary files on a client. See
the linked CVE for more details on this.
http://wiki.rpath.com/Advisories:rPSA-2010-0073Read more at www.criticalwatch.com
See this Amp at http://amplify.com/u/e7mk
No comments:
Post a Comment