CVE-2007-2348 — Lftp vulnerability

8 documents6 sources

Severity

6.8MEDIUMNVD

EPSS

4.1%

top 11.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Alexander V Lukyanov Lftp Debian Lftp

Timeline

PublishedApr 27

Latest updateMay 1

Description

mirror --script in lftp before 3.5.9 does not properly quote shell metacharacters, which might allow remote user-assisted attackers to execute shell commands via a malicious script. NOTE: it is not clear whether this issue crosses security boundaries, since the script already supports commands such as "get" which could overwrite executable files.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/lftp< lftp 3.5.9-1 (bookworm)

▶Debianalexander_v_lukyanov/lftp< 3.5.9-1+3

▶NVDalexander_v_lukyanov/lftp3.5.8

🔴Vulnerability Details

GHSA

GHSA-m4hr-2hrx-m38c: mirror --script in lftp before 3↗2022-05-01

▶

OSV

CVE-2007-2348: mirror --script in lftp before 3↗2007-04-27

▶

📋Vendor Advisories

Red Hat

lftp mirror --script does not escape names and targets of symbolic links↗2007-01-09

▶

Debian

CVE-2007-2348: lftp - mirror --script in lftp before 3.5.9 does not properly quote shell metacharacter...↗2007

▶

💬Community

Bugzilla

lftp affected by problems described in CVE-2007-2348↗2007-05-07

▶

Bugzilla

CVE-2007-2348 lftp mirror --script does not escape names and targets of symbolic links↗2007-04-12

▶

Bugzilla

CVE-2007-2348 lftp mirror --script does not escape names and targets of symbolic links↗2007-04-12

▶