CVE-2010-2251

Name of the Vulnerable Software and Affected Versions LFTP versions prior to 4.0.6

Description The issue concerns the get1 command in LFTP, which does not properly validate server-provided filenames. This allows remote servers to create or overwrite arbitrary files via a Content-Disposition header with a crafted filename. As a consequence, this could lead to the execution of arbitrary code, particularly if the server writes to a dotfile in a home directory. Additionally, there are multiple vulnerabilities in the LFTP package that can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information.

Recommendations For versions prior to 4.0.6, update to version 4.0.6 or later to resolve the issue. As a temporary workaround, consider restricting the use of the get1 command until a patch is applied. Avoid using the Content-Disposition header in the affected API endpoint until the issue is resolved.