MDVSA-2010:128
- Package name: lftp
- Date: 2010-07-06
- Advisory ID: MDVSA-2010:128
- Affected versions: 2009.0 x86_64, MES5 i586, 2010.0 x86_64, 2010.0 i586, 2009.1 i586, 2009.0 i586, 2008.0 x86_64, 2008.0 i586, 2009.1 x86_64, MES5 x86_64
Problem description
A vulnerability has been found and corrected in lftp:
The get1 command, as used by lftpget, in LFTP before 4.0.6 does not
properly validate a server-provided filename before determining the
destination filename of a download, which allows remote servers to
create or overwrite arbitrary files via a Content-Disposition header
that suggests a crafted filename, and possibly execute arbitrary
code as a consequence of writing to a dotfile in a home directory
(CVE-2010-2251).
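One way a download client can treat the server-suggested filename described above as untrusted input, shown as an added example; it is not lftp's code or the patch shipped in these packages. The function names, the fallback name `download`, and the policy of refusing dotfiles and existing files are assumptions made for illustration.

```python
import os
from email.message import Message
from urllib.parse import urlsplit, unquote

def suggested_name(content_disposition):
    """Return the raw filename parameter of a Content-Disposition value, or None."""
    msg = Message()
    msg["Content-Disposition"] = content_disposition
    return msg.get_filename()

def sanitize(name):
    """Reduce an untrusted name to one safe path component, or None if unusable."""
    if not name:
        return None
    # Treat both separators as path delimiters and keep only the last component.
    name = name.replace("\\", "/").rsplit("/", 1)[-1]
    if name in ("", ".", "..") or name.startswith("."):
        return None  # refuse hidden files such as .bashrc and directory references
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in name):
        return None  # refuse control characters
    return name

def destination(dest_dir, url, content_disposition=None):
    """Pick the local path for a download; the server's suggestion is advisory only."""
    name = None
    if content_disposition:
        name = sanitize(suggested_name(content_disposition))
    if name is None:
        # Fall back to the name the user asked for in the URL (assumed policy).
        name = sanitize(unquote(urlsplit(url).path)) or "download"
    root = os.path.realpath(dest_dir)
    path = os.path.realpath(os.path.join(root, name))
    # Catches a symlink inside dest_dir that points somewhere else.
    if os.path.dirname(path) != root:
        raise ValueError("destination escapes download directory")
    return path

def open_new(path):
    """Create the file, failing instead of overwriting an existing one."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    return os.fdopen(fd, "wb")
```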
Packages for 2008.0 and 2009.0 are provided as part of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
Additionally, on 2008.0 lftp has been upgraded to 3.7.4.
The updated packages have been patched to correct this issue.
