CVE-2018-10916 — MEDIUM (5.3)

Q: How severe is CVE-2018-10916?

CVE-2018-10916 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-10916?

Check the references section above for vendor advisories and patch information. Affected products include: Lftp Project Lftp, Canonical Ubuntu Linux, Opensuse Leap.

Vulnerability Description

It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system.

CVSS Score

5.3

MEDIUM

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Lftp Project	Lftp	<= 4.8.3
Canonical	Ubuntu Linux	12.04
Opensuse	Leap	42.3

Related Weaknesses (CWE)

CWE-20

References

http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00036.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00010.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916Issue TrackingPatchThird Party Advisory
https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992PatchThird Party Advisory
https://github.com/lavv17/lftp/issues/452ExploitThird Party Advisory
https://usn.ubuntu.com/3731-2/Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00036.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00010.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916Issue TrackingPatchThird Party Advisory
https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992PatchThird Party Advisory
https://github.com/lavv17/lftp/issues/452ExploitThird Party Advisory
https://usn.ubuntu.com/3731-2/Third Party Advisory

FAQ

What is CVE-2018-10916?

CVE-2018-10916 is a vulnerability with a CVSS score of 5.3 (MEDIUM). It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A re...

How severe is CVE-2018-10916?

CVE-2018-10916 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-10916?

Check the references section above for vendor advisories and patch information. Affected products include: Lftp Project Lftp, Canonical Ubuntu Linux, Opensuse Leap.