RHEL 2.1 / 3 : lftp (RHSA-2003:404)

High Nessus Plugin ID 12441


The remote Red Hat host is missing a security update.


Updated lftp packages are now available that fix a buffer overflow security vulnerability.

lftp is a command-line file transfer program supporting FTP and HTTP protocols.

Ulf Harnhammar discovered a buffer overflow bug in versions of lftp up to and including 2.6.9. An attacker could create a carefully crafted directory on a website such that, if a user connects to that directory using the lftp client and subsequently issues a 'ls' or 'rels' command, the attacker could execute arbitrary code on the users machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0963 to this issue.

Users of lftp are advised to upgrade to these erratum packages, which contain a backported security patch and are not vulnerable to this issue.

Red Hat would like to thank Ulf Harnhammar for discovering and alerting us to this issue.


Update the affected lftp package.

See Also



Plugin Details

Severity: High

ID: 12441

File Name: redhat-RHSA-2003-404.nasl

Version: 1.28

Type: local

Agent: unix

Published: 2004/07/06

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:lftp, cpe:/o:redhat:enterprise_linux:2.1, cpe:/o:redhat:enterprise_linux:3

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 2003/12/16

Vulnerability Publication Date: 2004/01/05

Reference Information

CVE: CVE-2003-0963

RHSA: 2003:404