Debian: lftp Buffer overflow vulnerability

    Date05 Jan 2004
    CategoryDebian
    2350
    Posted ByLinuxSecurity Advisories
    An attacker could create a carefully crafted directory on a website so that theexecution of an 'ls' or 'rels' command would lead to the execution of arbitrary code on the client machine.
    
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 406-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.  
    http://www.debian.org/security/                             Martin Schulze
    January 5th, 2004                         http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : lftp
    Vulnerability  : buffer overflow
    Problem-Type   : remote
    Debian-specific: no
    CVE ID         : CAN-2003-0963
    
    Ulf Harnhammar discovered a buffer overflow in lftp, a set of
    sophisticated command-line FTP/HTTP client programs.  An attacker
    could create a carefully crafted directory on a website so that the
    execution of an 'ls' or 'rels' command would lead to the execution of
    arbitrary code on the client machine.
    
    For the stable distribution (woody) this problem has been fixed in
    version 2.4.9-1woody2.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 2.6.10-1.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2.dsc
          Size/MD5 checksum:      604 f5daa8b9ca0b4a3dd775ece1d5d90dbc
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2.diff.gz
          Size/MD5 checksum:    23483 9f2005abc309b9e44c09e4518063f811
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9.orig.tar.gz
          Size/MD5 checksum:  1479880 53ce980339e1adb0c4ec7135950d2055
    
      Alpha architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_alpha.deb
          Size/MD5 checksum:   506612 8c0580626371c756c0a0c62eeb5128f0
    
      ARM architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_arm.deb
          Size/MD5 checksum:   443624 8b2393f949aeca43699e27527d4e3179
    
      Intel IA-32 architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_i386.deb
          Size/MD5 checksum:   441070 96b40a457747a309b72e240bf88f1dcd
    
      Intel IA-64 architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_ia64.deb
          Size/MD5 checksum:   602626 bbc526e8b9212b5b1e80558958677299
    
      HP Precision architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_hppa.deb
          Size/MD5 checksum:   499616 8ad2c1349fe16284b8f904d88177e9ee
    
      Motorola 680x0 architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_m68k.deb
          Size/MD5 checksum:   423600 652c35b149e1ce3bb6602ed17430e1a2
    
      Big endian MIPS architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_mips.deb
          Size/MD5 checksum:   472524 7545ec21b6a423373538ecd941848e5a
    
      Little endian MIPS architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_mipsel.deb
          Size/MD5 checksum:   470934 3153069a5cd81582d270bb0341b30c08
    
      PowerPC architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_powerpc.deb
          Size/MD5 checksum:   457702 4d58d1f70d75f8a8f173f5d966ced97a
    
      IBM S/390 architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_s390.deb
          Size/MD5 checksum:   452260 149e1fbbc06fdad45b0cf64cb3d43350
    
      Sun Sparc architecture:
    
          http://security.debian.org/pool/updates/main/l/lftp/lftp_2.4.9-1woody2_sparc.deb
          Size/MD5 checksum:   445716 07b1e6b07e9a4a7f47bddebf82c5f372
    
    
      These files will probably be moved into the stable distribution on
      its next revision.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb   http://security.debian.org/ stable/updates main
    For dpkg-ftp:   ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and   http://packages.debian.org/
    
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.3 (GNU/Linux)
    
    iD8DBQE/+QkuW5ql+IAeqTIRAplgAJ48yocC2J1qMYw5P/H07jojSyr71QCfT0PH
    x3Gh7dUn7W8jPvW7MHzEOYE=
    =bqOs
    -----END PGP SIGNATURE-----
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"4","type":"x","order":"1","pct":57.14,"resources":[]},{"id":"88","title":"Should be more technical","votes":"2","type":"x","order":"2","pct":28.57,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":14.29,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.