This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
f92e1bbc-5e18-11d9-839a-0050da134090 | tnftp -- mget does not check for directory escapes When downloading a batch of files from an FTP server the mget command does not check for directory escapes. A specially crafted file on the FTP server could then potentially overwrite an existing file of the user. Discovery 2004-12-15 Entry 2005-01-07 Modified 2005-01-13 tnftp < 20050103 CVE-2004-1294 http://tigger.uic.edu/~jlongs2/holes/tnftp.txt http://cvsweb.netbsd.org/bsdweb.cgi/othersrc/usr.bin/tnftp/src/cmds.c?rev=1.1.1.3&content-type=text/x-cvsweb-markup http://it.slashdot.org/article.pl?sid=04/12/15/2113202 http://marc.theaimsgroup.com/?l=bugtraq&m=110321888413132 |