USN-5177-1: Inetutils vulnerability
8 August 2022
Inetutils could be made to crash if it received specially crafted input.
Releases
Packages
- inetutils - File Transfer Protocol client
Details
It was discovered that Inetutils did not properly check the response of
ftp requests. A remote attacker could use this vulnerability to cause a crash
or run programs in the user machine.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04
-
inetutils-tools
-
2:1.9.4-11ubuntu0.1+esm1
Available with Ubuntu Pro
-
inetutils-ftpd
-
2:1.9.4-11ubuntu0.1+esm1
Available with Ubuntu Pro
Ubuntu 18.04
-
inetutils-tools
-
2:1.9.4-3ubuntu0.1+esm1
Available with Ubuntu Pro
-
inetutils-ftpd
-
2:1.9.4-3ubuntu0.1+esm1
Available with Ubuntu Pro
Ubuntu 16.04
-
inetutils-tools
-
2:1.9.4-1ubuntu0.1~esm2
Available with Ubuntu Pro
-
inetutils-ftpd
-
2:1.9.4-1ubuntu0.1~esm2
Available with Ubuntu Pro
Ubuntu 14.04
-
inetutils-tools
-
2:1.9.2-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
inetutils-ftpd
-
2:1.9.2-1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.