Debian Security Advisory DSA 551-1 (lukemftpd) Network Vulnerability

Summary

The remote host is missing an update to lukemftpd announced via advisory DSA 551-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20551-1

Insight

Przemyslaw Frasunek discovered a vulnerability in tnftpd or lukemftpd respectively, the enhanced ftp daemon from NetBSD. An attacker could utilise this to execute arbitrary code on the server. For the stable distribution (woody) this problem has been fixed in version 1.1-1woody2. For the unstable distribution (sid) this problem has been fixed in version 1.1-2.2. We recommend that you upgrade your lukemftpd package.

Severity

Classification

CVE CVE-2004-0794
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1010-1 (ilohamail)
Debian Security Advisory DSA 1036-1 (bsdgames)
Debian Security Advisory DSA 1058-1 (awstats)
Debian Security Advisory DSA 1152-1 (trac)
Debian Security Advisory DSA 1093-1 (xine-ui)

Take action and discover your vulnerabilities