Welcome to our website
Kerberos Update for Red Hat
Posted by philipp on: 01/31/2003 11:52 AM [ Print | 0 comment(s) ]
Red Hat has released a kerberos security update for Red Hat Linux 6.2 - 8.0
A problem has been found in the Kerberos ftp client. When retrieving a file with a filename beginning with a pipe character, the ftp client will pass the filename to the command shell in a system() call. This could allow a malicious ftp server to write to files outside of the current directory or execute commands as the user running the ftp client.
06/27/2004 09:44 AM: kerberos (3) by iamroot