Multiple Vendor FTP Client Side File Overwriting Vulnerability

Bugtraq ID: 6360
Class: Input Validation Error
CVE: CVE-2002-1345
Remote: Yes
Local: No
Published: Dec 11 2002 12:00AM
Updated: Feb 28 2007 09:46PM
Credit: Vulnerability discovery credited to Steve Christey.
Vulnerable: Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
Sun Solaris 7.0_x86
Sun Solaris 7.0
Sun Solaris 2.6_x86
Sun Solaris 2.6
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux -current
OpenBSD OpenBSD 3.0
NcFTP Software NcFTP 3.1.4
NcFTP Software NcFTP 3.1.3
NcFTP Software NcFTP 3.1.2
NcFTP Software NcFTP 3.1.1
NcFTP Software NcFTP 3.1 .0
NcFTP Software NcFTP 3.0.4
NcFTP Software NcFTP 3.0.3
NcFTP Software NcFTP 3.0.2
NcFTP Software NcFTP 3.0.1
NcFTP Software NcFTP 3.0 .0
Not Vulnerable: University of Kansas Lynx 2.8.1
Redhat Linux 7.1
NcFTP Software NcFTP 3.1.5
NcFTP Software NcFTP 3.1.4
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows NT Workstation 4.0 SP6a
Microsoft Windows NT Workstation 4.0 SP6
Microsoft Windows NT Workstation 4.0 SP5
Microsoft Windows NT Terminal Server 4.0 SP6
Microsoft Windows NT Terminal Server 4.0 SP5
Microsoft Windows NT Server 4.0 SP6a
+ Avaya DefinityOne Media Servers
+ Avaya DefinityOne Media Servers
+ Avaya IP600 Media Servers
+ Avaya IP600 Media Servers
+ Avaya S3400 Message Application Server 0
+ Avaya S8100 Media Servers 0
+ Avaya S8100 Media Servers 0
Microsoft Windows NT Server 4.0 SP6
Microsoft Windows NT Server 4.0 SP5
Microsoft Windows NT Enterprise Server 4.0 SP6a
Microsoft Windows NT Enterprise Server 4.0 SP6
Microsoft Windows NT Enterprise Server 4.0 SP5
lftp lftp 2.6.2


 

Privacy Statement
Copyright 2010, SecurityFocus