Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2010-2251

Published: 06/07/2010 Updated: 10/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Alexander V. Lukyanov

Vulnerability Summary

The get1 command, as used by lftpget, in LFTP prior to 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

alexander v. lukyanov lftp 3.5.8

alexander v. lukyanov lftp 2.6.4

alexander v. lukyanov lftp 2.6.5

alexander v. lukyanov lftp 2.3

alexander v. lukyanov lftp 2.4.9

alexander v. lukyanov lftp 4.0.0

alexander v. lukyanov lftp 3.7.14

alexander v. lukyanov lftp 3.7.7

alexander v. lukyanov lftp 3.7.6

alexander v. lukyanov lftp 3.6.3

alexander v. lukyanov lftp 3.6.2

alexander v. lukyanov lftp 3.6.1

alexander v. lukyanov lftp 3.5.10

alexander v. lukyanov lftp 3.5.9

alexander v. lukyanov lftp 3.4.1

alexander v. lukyanov lftp 3.4.0

alexander v. lukyanov lftp 3.2.0

alexander v. lukyanov lftp 3.1.3

alexander v. lukyanov lftp 3.0.10

alexander v. lukyanov lftp 3.0.9

alexander v. lukyanov lftp 3.0.2

alexander v. lukyanov lftp 3.0.1

alexander v. lukyanov lftp 2.5.3

alexander v. lukyanov lftp 2.5.1

alexander v. lukyanov lftp 2.4.5

alexander v. lukyanov lftp 2.4.3

alexander v. lukyanov lftp 2.3.8

alexander v. lukyanov lftp 2.3.7

alexander v. lukyanov lftp 2.2.6

alexander v. lukyanov lftp 2.2.5

alexander v. lukyanov lftp 2.1.10

alexander v. lukyanov lftp 2.1.9

alexander v. lukyanov lftp 2.1.2

alexander v. lukyanov lftp 2.1.1

alexander v. lukyanov lftp

alexander v. lukyanov lftp 3.5.7

alexander v. lukyanov lftp 3.5.6

alexander v. lukyanov lftp 2.6.6

alexander v. lukyanov lftp 2.6.7

alexander v. lukyanov lftp 2.5.2

alexander v. lukyanov lftp 2.6.0

alexander v. lukyanov lftp 2.6.3

alexander v. lukyanov lftp 3.7.13

alexander v. lukyanov lftp 3.7.12

alexander v. lukyanov lftp 3.7.5

alexander v. lukyanov lftp 3.7.4

alexander v. lukyanov lftp 3.6.0

alexander v. lukyanov lftp 3.5.15

alexander v. lukyanov lftp 3.4.7

alexander v. lukyanov lftp 3.4.6

alexander v. lukyanov lftp 3.3.5

alexander v. lukyanov lftp 3.3.4

alexander v. lukyanov lftp 3.1.2

alexander v. lukyanov lftp 3.1.1

alexander v. lukyanov lftp 3.0.8

alexander v. lukyanov lftp 3.0.7

alexander v. lukyanov lftp 3.0.0

alexander v. lukyanov lftp 2.6.12

alexander v. lukyanov lftp 2.5.0

alexander v. lukyanov lftp 2.4.10a

alexander v. lukyanov lftp 2.4.2

alexander v. lukyanov lftp 2.4.1

alexander v. lukyanov lftp 2.3.6

alexander v. lukyanov lftp 2.3.5

alexander v. lukyanov lftp 2.2.4

alexander v. lukyanov lftp 2.2.3

alexander v. lukyanov lftp 2.1.8

alexander v. lukyanov lftp 2.1.7

alexander v. lukyanov lftp 2.1.0

alexander v. lukyanov lftp 2.0.5

alexander v. lukyanov lftp 2.0.4

alexander v. lukyanov lftp 3.5.3

alexander v. lukyanov lftp 3.5.2

alexander v. lukyanov lftp 3.5.0

alexander v. lukyanov lftp 3.5.1

alexander v. lukyanov lftp 4.0.2

alexander v. lukyanov lftp 4.0.1

alexander v. lukyanov lftp 3.7.9

alexander v. lukyanov lftp 3.7.8

alexander v. lukyanov lftp 3.7.1

alexander v. lukyanov lftp 3.7.0

alexander v. lukyanov lftp 3.5.12

alexander v. lukyanov lftp 3.5.11

alexander v. lukyanov lftp 3.4.3

alexander v. lukyanov lftp 3.4.2

alexander v. lukyanov lftp 3.3.1

alexander v. lukyanov lftp 3.3.0

alexander v. lukyanov lftp 3.2.1

alexander v. lukyanov lftp 3.0.12

alexander v. lukyanov lftp 3.0.11

alexander v. lukyanov lftp 3.0.4

alexander v. lukyanov lftp 3.0.3

alexander v. lukyanov lftp 2.6.1

alexander v. lukyanov lftp 2.5.4

alexander v. lukyanov lftp 2.4.7

alexander v. lukyanov lftp 2.4.6

alexander v. lukyanov lftp 2.3.10

alexander v. lukyanov lftp 2.3.9

alexander v. lukyanov lftp 2.3.1

alexander v. lukyanov lftp 2.3.0

alexander v. lukyanov lftp 2.2.0a

alexander v. lukyanov lftp 2.2.0

alexander v. lukyanov lftp 2.1.4

alexander v. lukyanov lftp 2.1.3

alexander v. lukyanov lftp 2.0.1

alexander v. lukyanov lftp 2.0.0

alexander v. lukyanov lftp 3.5.5

alexander v. lukyanov lftp 3.5.4

alexander v. lukyanov lftp 2.6.8

alexander v. lukyanov lftp 2.6.9

alexander v. lukyanov lftp 4.0.4

alexander v. lukyanov lftp 4.0.3

alexander v. lukyanov lftp 3.7.11

alexander v. lukyanov lftp 3.7.10

alexander v. lukyanov lftp 3.7.3

alexander v. lukyanov lftp 3.7.2

alexander v. lukyanov lftp 3.5.14

alexander v. lukyanov lftp 3.5.13

alexander v. lukyanov lftp 3.4.5

alexander v. lukyanov lftp 3.4.4

alexander v. lukyanov lftp 3.3.3

alexander v. lukyanov lftp 3.3.2

alexander v. lukyanov lftp 3.1.0

alexander v. lukyanov lftp 3.0.13

alexander v. lukyanov lftp 3.0.6

alexander v. lukyanov lftp 3.0.5

alexander v. lukyanov lftp 2.6.11

alexander v. lukyanov lftp 2.6.10

alexander v. lukyanov lftp 2.6.2

alexander v. lukyanov lftp 2.4.10

alexander v. lukyanov lftp 2.4.8

alexander v. lukyanov lftp 2.4.0

alexander v. lukyanov lftp 2.3.11

alexander v. lukyanov lftp 2.3.4

alexander v. lukyanov lftp 2.3.3

alexander v. lukyanov lftp 2.3.2

alexander v. lukyanov lftp 2.2.2

alexander v. lukyanov lftp 2.2.1

alexander v. lukyanov lftp 2.1.6

alexander v. lukyanov lftp 2.1.5

alexander v. lukyanov lftp 2.0.3

alexander v. lukyanov lftp 2.0.2

Vendor Advisories

Red Hat: Moderate: lftp security update
Synopsis Moderate: lftp security update Type/Severity Security Advisory: Moderate Topic An updated lftp package that fixes one security issue is now available forRed Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact A Common Vulnerability Scor ...
Ubuntu Security Notice: lftp vulnerability
It was discovered that LFTP incorrectly filtered filenames suggested by Content-Disposition headers If a user or automated system were tricked into downloading a file from a malicious site, a remote attacker could create the file with an arbitrary name, such as a dotfile, and possibly run arbitrary code ...

References

CWE-20http://www.ocert.org/advisories/ocert-2010-001.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=602836http://marc.info/?l=oss-security&m=127611288927500&w=2http://www.vupen.com/english/advisories/2010/1654http://marc.info/?l=oss-security&m=127432968701342&w=2https://bugzilla.redhat.com/show_bug.cgi?id=591580http://marc.info/?l=oss-security&m=127411372529485&w=2http://lftp.yar.ru/news.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-June/043597.htmlhttp://marc.info/?l=oss-security&m=127620248914170&w=2http://secunia.com/advisories/40400http://www.debian.org/security/2010/dsa-2085http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.htmlhttp://wiki.rpath.com/Advisories:rPSA-2010-0073http://www.securityfocus.com/archive/1/514499/100/0/threadedhttps://access.redhat.com/errata/RHSA-2010:0585https://usn.ubuntu.com/984-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook