lftp 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1253513881
업데이트 : 2009.09.21
상세내용
보안버그 CVE-2007-2348 수정
. CVE-2007-2348
It was discovered that lftp did not properly escape shell metacharacters
when generating shell scripts using the "mirror --script" command. A
mirroring script generated to download files from a malicious FTP server
could allow an attacker controlling the FTP server to run an arbitrary
command as the user running lftp.
Autoupdates 지원 : 지원
update 패키지
RPMS :
. lftp-3.5.1-3.el5.i686.rpm
SRPMS :
. lftp-3.5.1-3.el5.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2348
|