Nessus Plugin #14894
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[DSA057] DSA-057-1 gftp
- Family:
- Debian Local Security Checks
- Category:
- infos
- Copyright:
- This script is (C) 2004 Michel Arboi
- Summary:
- DSA-057-1 gftp
- Version:
- $Revision: 1.5 $
- Cve_id:
- CVE-2001-0489
- Bugtraq_id:
- -
- Xrefs:
- DSA:057
- Description:
The gftp package as distributed with Debian GNU/Linux 2.2 has a problem
in its logging code: it logged data received from the network but it did
not protect itself from printf format attacks. An attacker can use this
by making an FTP server return special responses that exploit this.
This has been fixed in version 2.0.6a-3.1, and we recommend that you
upgrade your gftp package.
Note: this advisory was posted as DSA-055-1 by mistake.
Solution : http://www.debian.org/security/2001/dsa-057
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.