{
  "modified": "2025-08-09T19:01:27Z",
  "published": "2004-01-05T05:00:00Z",
  "id": "CVE-2003-0963",
  "details": "Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040101-01-U"
    },
    {
      "type": "ADVISORY",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/10525"
    },
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/10548"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.debian.org/security/2004/dsa-406"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:116"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.novell.com/linux/security/advisories/2003_051_lftp.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=107126386226196\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=107152267121513\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=107167974714484\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=107177409418121\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=107340499504411\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-403.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2003-404.html"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11180"
    }
  ]
}