Vulnerabilities > Alexander V Lukyanov

DATE	CVE	VULNERABILITY TITLE	RISK
2010-07-06	CVE-2010-2251	Improper Input Validation vulnerability in Alexander V. Lukyanov Lftp The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory. network low complexity alexander-v-lukyanov CWE-20	7.5
2004-01-05	CVE-2003-0963	Unspecified vulnerability in Alexander V. Lukyanov Lftp Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands. network low complexity alexander-v-lukyanov	7.5

Vulnerabilities > Alexander V Lukyanov {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Alexander V Lukyanov"}]}