Arch Linux Security Advisory ASA-201411-1
=========================================

Severity: High
Date    : 2014-11-01
CVE-ID  : CVE-2014-8517
Package : tnftp
Type    : arbitrary command execution
Remote  : No
Link    : https://wiki.archlinux.org/index.php/CVE-2014

Summary
=======

The package tnftp before version 20141031-1 is vulnerable to arbitrary
command execution.

Resolution
==========

Upgrade to 20141031-1.

# pacman -Syu "tnftp>=20141031-1"

The problem has been fixed upstream in version 20141031.

Workaround
==========

Specifying the output filename with -o when using tnftp with HTTP
prevents the arbitrary command execution.

Description
===========

A malicious webserver can trick tnftp below 20141031 via HTTP redirects
into executing arbitrary commands.

Impact
======

A malicious webserver can create an evil redirect which will execute
arbitrary commands when a local user fetches that URL with tnftp.

References
==========

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8517
https://bugzilla.redhat.com/show_bug.cgi?id=1158286
https://bugs.archlinux.org/task/42646
http://seclists.org/oss-sec/2014/q4/459
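Added example (not from the advisory or the tnftp project): a POSIX sh wrapper that applies the Workaround section above by deriving the local output filename from the URL the user asked for and always passing it with -o, so a server-chosen redirect never decides where or under what name the download lands. The command name tnftp is an assumption; on some systems the binary is installed as ftp.

```shell
#!/bin/sh
# Added example implementing the advisory's workaround: always pass -o with a
# filename chosen on the client side. "tnftp" as the command name is assumed.

# derive_output_name URL
# Prints a local filename taken from the last path segment of URL, with a
# conservative character set, independent of anything the server sends back.
derive_output_name() {
    url=$1
    path=${url#*://}          # drop scheme
    path=${path%%\?*}         # drop query string
    path=${path%%#*}          # drop fragment
    case "$path" in
        */*) name=${path##*/} ;;   # last path segment (may be empty)
        *)   name="" ;;            # host only, no path
    esac
    [ -z "$name" ] && name="index.html"
    # Replace every character outside A-Z a-z 0-9 . _ - with "_".
    name=$(printf '%s' "$name" | tr -c 'A-Za-z0-9._-' '[_*]')
    # A leading "-" would be parsed as an option by tnftp; a leading "."
    # would produce a hidden file. Prefix both cases.
    case "$name" in
        -*|.*) name="download_$name" ;;
    esac
    printf '%s\n' "$name"
}

# safe_tnftp_fetch URL
# Fetches URL with the output name fixed by the client via -o.
safe_tnftp_fetch() {
    out=$(derive_output_name "$1")
    tnftp -o "$out" "$1"
}

# Usage (uncomment to run):
# safe_tnftp_fetch 'http://example.com/pub/archive.tar.gz'
```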