MDKSA-2005:050
- Package name
- gftp
- Date
- 2005-03-04
- Advisory ID
- MDKSA-2005:050
- Affected versions
- CS2.1 x86_64 , 10.0 amd64 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , CS2.1 i586 , 10.1 x86_64
Problem description
A vulnerability in gftp could allow a malicious FTP server to
overwrite files on the local system as the user running gftp due to
improper handling of filenames containing slashes.
The updated packages are patched to deal with these issues.
Updated packages
CS2.1 x86_64
0e62f8cf63c1dfe52a8059c8890efe7d x86_64/corporate/2.1/RPMS/gftp-2.0.13-2.1.C21mdk.x86_64.rpm 73d1194548966c40acfa2f863b590778 x86_64/corporate/2.1/SRPMS/gftp-2.0.13-2.1.C21mdk.src.rpm
10.0 amd64
28e4cdeac10a8e809de0f9f5372f516a amd64/10.0/RPMS/gftp-2.0.16-4.1.100mdk.amd64.rpm bee5bf5c5003046e739cc8dcd763b5b9 amd64/10.0/SRPMS/gftp-2.0.16-4.1.100mdk.src.rpm
10.1 i586
629737a4dce0aa18c5c8682f4bc7dc76 10.1/RPMS/gftp-2.0.17-4.1.101mdk.i586.rpm a412997b5076bbfd58c53c5df23c7897 10.1/SRPMS/gftp-2.0.17-4.1.101mdk.src.rpm
10.0 i586
b39b15034eb4d3581c44e100af5d50f0 10.0/RPMS/gftp-2.0.16-4.1.100mdk.i586.rpm bee5bf5c5003046e739cc8dcd763b5b9 10.0/SRPMS/gftp-2.0.16-4.1.100mdk.src.rpm
CS3.0 x86_64
9e21985c7ba6224eaa90fbdf9be50cd1 x86_64/corporate/3.0/RPMS/gftp-2.0.16-4.1.C30mdk.x86_64.rpm 15bc999abc88794605dc5df20adb50a4 x86_64/corporate/3.0/SRPMS/gftp-2.0.16-4.1.C30mdk.src.rpm
CS3.0 i586
340f5735280f121bc35301b706d6077e corporate/3.0/RPMS/gftp-2.0.16-4.1.C30mdk.i586.rpm 15bc999abc88794605dc5df20adb50a4 corporate/3.0/SRPMS/gftp-2.0.16-4.1.C30mdk.src.rpm
CS2.1 i586
812d8ec7003e0efb5ed4f31fade5461e corporate/2.1/RPMS/gftp-2.0.13-2.1.C21mdk.i586.rpm 73d1194548966c40acfa2f863b590778 corporate/2.1/SRPMS/gftp-2.0.13-2.1.C21mdk.src.rpm
10.1 x86_64
4d9ceebce6f39c2b426021301bfad778 x86_64/10.1/RPMS/gftp-2.0.17-4.1.101mdk.x86_64.rpm a412997b5076bbfd58c53c5df23c7897 x86_64/10.1/SRPMS/gftp-2.0.17-4.1.101mdk.src.rpm