[MBT] new ticket for pkg ftp "Possible directory traversal thru ftp"
bugs at pld.org.pl
bugs at pld.org.pl
Wed May 14 16:36:09 CEST 2003
Date: 2003-05-14 16:36:07+02 Author: (kreutzm) <kreutzm at itp.uni-hannover.de>
Title: Possible directory traversal thru ftp
Ticket ID: #658
Ticket URL: http://bugs.pld.org.pl/?bug=658
Package: ftp-1:0.17-13
Distribution: PLD-1.0.main
Category: security problem
Current state: opened
Text:
See CAN-2002-1345 for details.
I don't know if ftp on PLD/Linux is impacted as there are no documents about the source (-qi says "the standard UNIX command-line FTP client" and there is no document in /usr/share/doc) and the vulnerability is present in many ftp clients (e.g. in wget, no fixed) and the CAN-Report explicitly says: "in multiple FTP clients on UNIX systems".
So ftp is probably impacted.
More information about the pld-bugs
mailing list