Hsftp Filename Format String Vulnerability
SECUNIA ADVISORY ID:
SA10950
VERIFY ADVISORY:
http://secunia.com/advisories/10950/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
Hsftp 1.x
DESCRIPTION:
Ulf Harnhammar has discovered a vulnerability in Hsftp, which can potentially be exploited by malicious people to compromise a user's system.
The vulnerability is caused by a format string error when processing file names. This can be exploited by placing files with specially crafted filenames containing format specifiers on a server and tricking a user into connecting to it.
Successful exploitation may allow execution of arbitrary code on a user's system when the user performs a directory listing.
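The class of bug described above, as an added example that is not Hsftp's code: a server-supplied file name used as a printf-style format string, next to the constant-format form and a check that flags names carrying conversions. The function names, the sentinel argument and the sample file name are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical listing helpers; names are illustrative, not Hsftp's. */

/* Unsafe pattern: the server-supplied name is used as the format string.
 * In the real bug class there is no extra argument, so conversions read
 * stray memory; a sentinel is passed here only to keep the demo defined. */
static int list_entry_unsafe(char *out, size_t n, const char *name)
{
    return snprintf(out, n, name, 0xC0FFEEu);
}

/* Hardened pattern: constant format, the name is only ever data. */
static int list_entry_safe(char *out, size_t n, const char *name)
{
    return snprintf(out, n, "%s", name);
}

/* Defensive check: does the name contain a printf conversion?
 * "%%" is a literal percent sign and is skipped; any other '%',
 * including a trailing one, is flagged. */
static int has_format_directive(const char *name)
{
    const char *p = name;
    while ((p = strchr(p, '%')) != NULL) {
        if (p[1] == '%') { p += 2; continue; }
        return 1;
    }
    return 0;
}

int main(void)
{
    const char *name = "report_%x.txt";   /* constructed sample name */
    char a[64], b[64];

    list_entry_unsafe(a, sizeof a, name);
    list_entry_safe(b, sizeof b, name);
    printf("unsafe : %s\nsafe   : %s\nflagged: %d\n",
           a, b, has_format_directive(name));
    return 0;
}
```

Compiling client code with `-Wformat -Wformat-security` reports calls where a non-literal string is passed as the format with no arguments.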
SOLUTION:
Connect only to trusted servers.
PROVIDED AND/OR DISCOVERED BY:
Ulf Harnhammar
