lftp Try_Netscape_Proxy Buffer Overflow Vulnerability

Bugtraq ID: 9210
Class: Boundary Condition Error
CVE: CVE-2003-0963
Remote: Yes
Local: No
Published: Dec 12 2003 12:00AM
Updated: Jul 12 2009 12:56AM
Credit: Discovered by Ulf Harnhammar <Ulf.Harnhammar.9485@student.uu.se>.
Vulnerable: Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
Slackware Linux -current
SGI ProPack 2.4
SGI ProPack 2.3
lftp lftp 2.6.9
lftp lftp 2.6.8
lftp lftp 2.6.5
lftp lftp 2.6.4
lftp lftp 2.6.2
lftp lftp 2.6.1
lftp lftp 2.6
lftp lftp 2.5.4
lftp lftp 2.5.2
lftp lftp 2.5.1
Alexander V. Lukyanov lftp 2.6.9
+ Conectiva Linux 9.0
+ Conectiva Linux 8.0
+ OpenPKG OpenPKG Current
Alexander V. Lukyanov lftp 2.6.8
Alexander V. Lukyanov lftp 2.6.7
Alexander V. Lukyanov lftp 2.6.6
+ Mandriva Linux Mandrake 9.2
+ OpenPKG OpenPKG 1.3
+ Turbolinux Turbolinux Advanced Server 6.0
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Server 6.5
+ Turbolinux Turbolinux Server 6.1
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
Alexander V. Lukyanov lftp 2.6.5
+ Red Hat Fedora Core1
Alexander V. Lukyanov lftp 2.6.4
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ OpenPKG OpenPKG 1.2
Alexander V. Lukyanov lftp 2.6.3
+ Red Hat Enterprise Linux AS 3
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
+ RedHat Linux 9.0 i386
Alexander V. Lukyanov lftp 2.6 .0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ Mandriva Linux Mandrake 9.0
Alexander V. Lukyanov lftp 2.5.2
+ RedHat Linux 8.0 i386
Alexander V. Lukyanov lftp 2.4.9
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Advanced Workstation for the Itanium Processor 2.1
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
Alexander V. Lukyanov lftp 2.3
Not Vulnerable: lftp lftp 2.6.10
Alexander V. Lukyanov lftp 2.6.10


 

Privacy Statement
Copyright 2010, SecurityFocus