Debian: DSA-5307-1: libcommons-net-java security update
Dec29
on December 29, 2022
at 10:01 pm
Posted In: Uncategorized
ZeddYu Lu discovered that the FTP client of Apache Commons Net, a Java client API for basic Internet protocols, trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the
Comment