LFTP MirrorJob::HandleFile Arbitrary Command Injection Vulnerability

Bugtraq ID: 23736
Class: Input Validation Error
CVE: CVE-2007-2348
Remote: Yes
Local: No
Published: May 01 2007 12:00AM
Updated: Sep 02 2009 05:52PM
Credit: The vendor reported this issue.
Vulnerable: rPath rPath Linux 1
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
lftp lftp 3.5.8
Not Vulnerable: lftp lftp 3.5.9


 

Privacy Statement
Copyright 2010, SecurityFocus