tnftp is vulnerable to remote code execution if output file is not specified.
|Package||net-ftp/tnftp on all architectures|
|Affected versions||< 20141104|
|Unaffected versions||>= 20141104|
tnftp is a NetBSD FTP client with several advanced features.
The fetch_url function in usr.bin/ftp/fetch.c allows remote attackers to execute arbitrary commands via a
A remote attacker could possibly execute arbitrary code with the privileges of the process.
There is no known workaround at this time.
All tnftp users should upgrade to the latest version:
# emerge --sync # emerge --ask --verbose --oneshot ">=net-ftp/tnftp-20141104"
November 15, 2016
November 15, 2016: 1