tnftp: Arbitrary code execution — GLSA 201611-05

tnftp is vulnerable to remote code execution if output file is not specified.

Affected Packages

net-ftp/tnftp on all architectures
Affected versions < 20141104
Unaffected versions >= 20141104

Background

tnftp is a NetBSD FTP client with several advanced features.

Description

The fetch_url function in usr.bin/ftp/fetch.c allows remote attackers to execute arbitrary commands via a

Impact

A remote attacker could possibly execute arbitrary code with the privileges of the process.

Workaround

There is no known workaround at this time.

Resolution

All tnftp users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --verbose --oneshot ">=net-ftp/tnftp-20141104"
 

References

Release Date
November 15, 2016

Latest Revision
November 15, 2016: 1

Severity
normal

Exploitable
remote

Bugzilla entries