what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 1 of 1 RSS Feed

Files

Debian Linux Security Advisory 2085-1
Posted Aug 5, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2085-1 - It was discovered that in lftp, a command-line HTTP/FTP client, there is no proper validation of the filename provided by the server through the Content-Disposition header; attackers can use this flaw by suggesting a filename they wish to overwrite on the client machine, and then possibly execute arbitrary code (for instance if the attacker elects to write a dotfile in a home directory).

tags | advisory, web, arbitrary
systems | linux, debian
advisories | CVE-2010-2251
SHA-256 | c76579430fa5793f3b4707cde60f2c667c32c62026a9e2e75fe189140a1e8eb5
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close