CVE-2010-2251

The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.
Provider | Type | Base Score | Attack Vector | Attack Complexity | Privileges Required | Vector
NIST | NIST | 7.5 UNKNOWN | NETWORK | LOW | | AV:N/AC:L/Au:N/C:P/I:P/A:P
mitre | CNA | --- | ---
CVE | ADP | --- | ---

EPSS Score Percentile: 84%

Vendor | Product | Version
alexander_v._lukyanov | lftp | 𝑥 ≤ 4.0.5
alexander_v._lukyanov | lftp | 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5
alexander_v._lukyanov | lftp | 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 2.1.7, 2.1.8, 2.1.9, 2.1.10
alexander_v._lukyanov | lftp | 2.2.0, 2.2.0a:a, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6
alexander_v._lukyanov | lftp | 2.3, 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.3.6, 2.3.7, 2.3.8, 2.3.9, 2.3.10, 2.3.11
alexander_v._lukyanov | lftp | 2.4.0, 2.4.1, 2.4.2, 2.4.3, 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.9, 2.4.10, 2.4.10a:a
alexander_v._lukyanov | lftp | 2.5.0, 2.5.1, 2.5.2, 2.5.3, 2.5.4
alexander_v._lukyanov | lftp | 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 2.6.7, 2.6.8, 2.6.9, 2.6.10, 2.6.11, 2.6.12
alexander_v._lukyanov | lftp | 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.0.9, 3.0.10, 3.0.11, 3.0.12, 3.0.13
alexander_v._lukyanov | lftp | 3.1.0, 3.1.1, 3.1.2, 3.1.3
alexander_v._lukyanov | lftp | 3.2.0, 3.2.1
alexander_v._lukyanov | lftp | 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.3.5
alexander_v._lukyanov | lftp | 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.4.6, 3.4.7
alexander_v._lukyanov | lftp | 3.5.0, 3.5.1, 3.5.2, 3.5.3, 3.5.4, 3.5.5, 3.5.6, 3.5.7, 3.5.8, 3.5.9, 3.5.10, 3.5.11, 3.5.12, 3.5.13, 3.5.14, 3.5.15
alexander_v._lukyanov | lftp | 3.6.0, 3.6.1, 3.6.2, 3.6.3
alexander_v._lukyanov | lftp | 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.7.4, 3.7.5, 3.7.6, 3.7.7, 3.7.8, 3.7.9, 3.7.10, 3.7.11, 3.7.12, 3.7.13, 3.7.14
alexander_v._lukyanov | lftp | 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4

𝑥 = Vulnerable software versions

Debian Releases

Debian Product | Codename | Version | Status
lftp | bullseye | 4.8.4-2 | fixed
lftp | lenny | | no-dsa
lftp | bookworm | 4.9.2-2 | fixed
lftp | sid | 4.9.2-3 | fixed
lftp | trixie | 4.9.2-3 | fixed

Ubuntu Releases

Ubuntu Product | Codename | Version | Status
lftp | lucid | Fixed 4.0.2-1ubuntu0.1 | released
lftp | karmic | Fixed 3.7.15-1ubuntu2.1 | released
lftp | jaunty | Fixed 3.7.8-1ubuntu0.1 | released
lftp | hardy | Fixed 3.6.1-1ubuntu0.1 | released
lftp | dapper | | not-affected

References