Mandriva: 2010:128: lftp

view full story

http://www.linuxsecurity.com – LinuxSecurity.com: A vulnerability has been found and corrected in lftp: The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to [More...] (Security)