CVE-2021-40491

2021-09-0300:00:00

ubuntu.com

gnu inetutils

pasv responses

lspv responses

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

EPSS

0.003

Percentile

68.5%

JSON

The ftp client in GNU Inetutils before 2.2 does not validate addresses
returned by PASV/LSPV responses to make sure they match the server address.
This is similar to CVE-2020-8284 for curl.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993476>

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchinetutils< 2:1.9.4-3ubuntu0.1+esm1UNKNOWN
ubuntu20.04noarchinetutils< 2:1.9.4-11ubuntu0.2+esm1UNKNOWN
ubuntu14.04noarchinetutils< 2:1.9.2-1ubuntu0.1~esm1UNKNOWN
ubuntu16.04noarchinetutils< 2:1.9.4-1ubuntu0.1~esm2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	inetutils	< 2:1.9.4-3ubuntu0.1+esm1	UNKNOWN
ubuntu	20.04	noarch	inetutils	< 2:1.9.4-11ubuntu0.2+esm1	UNKNOWN
ubuntu	14.04	noarch	inetutils	< 2:1.9.2-1ubuntu0.1~esm1	UNKNOWN
ubuntu	16.04	noarch	inetutils	< 2:1.9.4-1ubuntu0.1~esm2	UNKNOWN