CVE-2004-1280

Name of the Vulnerable Software and Affected Versions: junkie version 0.3.1

Description: The issue allows remote malicious FTP servers to execute arbitrary commands via shell metacharacters in a filename. This is due to a problem in the gui popup view fly function in gui tview popup.c.

Recommendations: For junkie version 0.3.1, consider disabling the gui popup view fly function until a patch is available to prevent exploitation. Restrict access to the gui tview popup.c module to minimize the risk of arbitrary command execution. Avoid using filenames with shell metacharacters in the affected FTP connections until the issue is resolved.