CVE-2007-2348 Information

Description

mirror –script in lftp before 3.5.9 does not properly quote shell metacharacters which might allow remote user-assisted attackers to execute shell commands via a malicious script. NOTE: it is not clear whether this issue crosses security boundaries since the script already supports commands such as \get\ which could overwrite executable files.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=173524 http://lftp.yar.ru/news.html http://rhn.redhat.com/errata/RHSA-2009-1278.html http://secunia.com/advisories/25107 http://secunia.com/advisories/25132 http://secunia.com/advisories/36559 http://www.securityfocus.com/bid/23736 http://www.vupen.com/english/advisories/2007/1590 https://issues.rpath.com/browse/RPL-1229 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10806