| Revision Date: | 2005-06-13 | Version: | 502 |
| Title: | RHSA-2005:410: gftp security update (Moderate) |
| Description: | gFTP is a multi-threaded FTP client for the X Window System.
A directory traversal bug was found in gFTP. If a user can be tricked into downloading a file from a malicious ftp server, it is possible to overwrite arbitrary files owned by the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0372 to this issue.
Users of gftp should upgrade to this updated package, which contains a backported fix for this issue.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2005-0372
RHSA-2005:410-01
|
| Platform(s): | Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Release Information Red Hat Enterprise Linux 3 is installed
AND gftp is earlier than 1:2.0.14-4
AND gftp is signed with Red Hat master key
OR Package Information
Red Hat Enterprise Linux 4 is installed
AND gftp is earlier than 1:2.0.17-5
AND gftp is signed with Red Hat master key
|