Summary
The remote host is missing an update to lukemftpd
announced via advisory DSA 551-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20551-1
Insight
Przemyslaw Frasunek discovered a vulnerability in tnftpd or lukemftpd respectively, the enhanced ftp daemon from NetBSD. An attacker could utilise this to execute arbitrary code on the server.
For the stable distribution (woody) this problem has been fixed in version 1.1-1woody2.
For the unstable distribution (sid) this problem has been fixed in version 1.1-2.2.
We recommend that you upgrade your lukemftpd package.
Severity
Classification
-
CVE CVE-2004-0794 -
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P
Related Vulnerabilities