Paketname
gftp
Datum
2005-03-04
Advisory ID
MDKSA-2005:050
Betroffene Versionen
CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , CS2.1 i586 , 10.1 x86_64

Problembeschreibung

A vulnerability in gftp could allow a malicious FTP server to
overwrite files on the local system as the user running gftp due to
improper handling of filenames containing slashes.

The updated packages are patched to deal with these issues.

Aktualisierte Pakete

CS2.1 x86_64

 0e62f8cf63c1dfe52a8059c8890efe7d  x86_64/corporate/2.1/RPMS/gftp-2.0.13-2.1.C21mdk.x86_64.rpm
 73d1194548966c40acfa2f863b590778  x86_64/corporate/2.1/SRPMS/gftp-2.0.13-2.1.C21mdk.src.rpm

10.0 amd64

 28e4cdeac10a8e809de0f9f5372f516a  amd64/10.0/RPMS/gftp-2.0.16-4.1.100mdk.amd64.rpm
 bee5bf5c5003046e739cc8dcd763b5b9  amd64/10.0/SRPMS/gftp-2.0.16-4.1.100mdk.src.rpm

10.1 i586

 629737a4dce0aa18c5c8682f4bc7dc76  10.1/RPMS/gftp-2.0.17-4.1.101mdk.i586.rpm
 a412997b5076bbfd58c53c5df23c7897  10.1/SRPMS/gftp-2.0.17-4.1.101mdk.src.rpm

10.0 i586

 b39b15034eb4d3581c44e100af5d50f0  10.0/RPMS/gftp-2.0.16-4.1.100mdk.i586.rpm
 bee5bf5c5003046e739cc8dcd763b5b9  10.0/SRPMS/gftp-2.0.16-4.1.100mdk.src.rpm

CS3.0 x86_64

 9e21985c7ba6224eaa90fbdf9be50cd1  x86_64/corporate/3.0/RPMS/gftp-2.0.16-4.1.C30mdk.x86_64.rpm
 15bc999abc88794605dc5df20adb50a4  x86_64/corporate/3.0/SRPMS/gftp-2.0.16-4.1.C30mdk.src.rpm

CS3.0 i586

 340f5735280f121bc35301b706d6077e  corporate/3.0/RPMS/gftp-2.0.16-4.1.C30mdk.i586.rpm
 15bc999abc88794605dc5df20adb50a4  corporate/3.0/SRPMS/gftp-2.0.16-4.1.C30mdk.src.rpm

CS2.1 i586

 812d8ec7003e0efb5ed4f31fade5461e  corporate/2.1/RPMS/gftp-2.0.13-2.1.C21mdk.i586.rpm
 73d1194548966c40acfa2f863b590778  corporate/2.1/SRPMS/gftp-2.0.13-2.1.C21mdk.src.rpm

10.1 x86_64

 4d9ceebce6f39c2b426021301bfad778  x86_64/10.1/RPMS/gftp-2.0.17-4.1.101mdk.x86_64.rpm
 a412997b5076bbfd58c53c5df23c7897  x86_64/10.1/SRPMS/gftp-2.0.17-4.1.101mdk.src.rpm

Referenzen