Sun Microsystems Inc. Information for VU#258721

Various FTP clients fail to account for pipe (|) characters in default file names

Status

Affected

Vendor Statement

This issue was addressed in Solaris 7 and patched in earlier releases. Thus this issue does not affect Solaris 7, 8 and 9. The only affected and supported version of Solaris is 2.6 with the following patches available: 106522-01 or later (SPARC) and 106523-01 or later (x86). Sun will be publishing a Sun Alert available from the following location for this issue:

http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert/50222

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.