FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

tnftp -- mget does not check for directory escapes

Affected packages
tnftp < 20050103

Details

VuXML ID f92e1bbc-5e18-11d9-839a-0050da134090
Discovery 2004-12-15
Entry 2005-01-07
Modified 2005-01-13

When downloading a batch of files from an FTP server, the mget command does not check for directory escapes. A specially crafted file on the FTP server could then potentially overwrite one of the user's existing files.
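The kind of check whose absence is described above, as an added example (not tnftp's code and not the fix referenced below): a client-side test that a server-supplied name stays inside the download directory before it is used as a local path. The function names and the sample listing are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Return 1 if a server-supplied name can be used as a local path without
 * leaving the directory the download was started in, 0 otherwise. */
int remote_name_is_safe(const char *name)
{
    const char *p = name;

    if (name == NULL || *name == '\0')
        return 0;                       /* nothing to write to */
    if (*name == '/')
        return 0;                       /* absolute path */

    while (*p != '\0') {
        size_t len = strcspn(p, "/");   /* length of this path component */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 0;                   /* ".." climbs out of the directory */
        p += len;
        while (*p == '/')
            p++;                        /* skip separator(s) */
    }
    return 1;
}

/* Constructed listing, standing in for what a server returns to mget. */
const char *const SAMPLE_LISTING[] = {
    "README", "pub/tool.tar.gz", "../.profile",
    "/tmp/report", "docs/../../x", "..data",
};
#define SAMPLE_COUNT (sizeof SAMPLE_LISTING / sizeof SAMPLE_LISTING[0])

/* Number of names in a listing that pass the check. */
size_t count_safe(const char *const names[], size_t n)
{
    size_t kept = 0;
    for (size_t i = 0; i < n; i++)
        kept += (size_t)remote_name_is_safe(names[i]);
    return kept;
}

int main(void)
{
    for (size_t i = 0; i < SAMPLE_COUNT; i++)
        printf("%-16s %s\n", SAMPLE_LISTING[i],
               remote_name_is_safe(SAMPLE_LISTING[i]) ? "fetch" : "skip");
    return 0;
}
```

The check is purely lexical: it does not detect a symbolic link already present in the local directory, which requires resolving the final path before opening it.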

References

CVE Name CVE-2004-1294
Message 653D74053BA6F54A81ED83DCF969DF08CFA2AA@pivxes1.pivx.com
URL http://cvsweb.netbsd.org/bsdweb.cgi/othersrc/usr.bin/tnftp/src/cmds.c?rev=1.1.1.3&content-type=text/x-cvsweb-markup
URL http://it.slashdot.org/article.pl?sid=04/12/15/2113202
URL http://tigger.uic.edu/~jlongs2/holes/tnftp.txt