Debian Security Advisory 5307-1

Discussion in 'News Aggregator' started by Packet Storm, 2 Jan 2023.

  1. Packet Storm

    Packet Storm Guest

    Debian Linux Security Advisory 5307-1 - ZeddYu Lu discovered that the FTP client of Apache Commons Net, a Java client API for basic Internet protocols, trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client.

    Continue reading...
     
    #1 Packet Storm, 2 Jan 2023
(You must log in or sign up to post here.)

Share This Page

Loading...