Moreover, this vulnerability can be exploited remotely, via a man-in-the-middle attack. A remote attacker can set up a malicious FTP server that can trick clients into connecting back to a given IP address and port. This vulnerability can be exploited to scan ports that are otherwise not possible.

Versions of Python vulnerable to this issue were released between September 11, 2013, and October 9, 2013.

Another flaw was found in Python. The issue is related to how the FTP client library handles the PORT command. The flaw can be exploited to execute arbitrary code on the remote server. This vulnerability can be exploited to install a backdoor on the remote server.

Versions of Python vulnerable to this issue were released between September 12, 2013, and October 22, 2013.

Another flaw was found in Python. The issue is related to how the FTP client library handles the EPSV command. The flaw can be exploited to execute arbitrary code on the remote server. This vulnerability can be exploited to install a backdoor on the remote server.

Versions of Python vulnerable to this issue were released between November 8, 2013, and December 6, 2013.

Another flaw was found in Python. The issue is related to how the FTP client library handles the PORT command. The flaw can be exploited to execute arbitrary code on the remote server. This vulnerability can be exploited to install a backdoor on the remote server.

Versions of Python vulnerable to this issue were released between December

Shell Command Injection

Shell command injection is a computer security vulnerability in which the attacker injects commands into the command line of a running process. This can be done to access privileged information or to launch attacks against other software that relies on standard input or output redirection.

Versions of Python vulnerable to this issue were released between October 22, 2013, and December 6, 2013.

Timeline

Published on: 08/24/2022 16:15:00 UTC
Last modified on: 08/29/2022 13:31:00 UTC

References