--------------------------------------------------------------------------
TFM LINUX SECURITY ANNOUNCEMENT
--------------------------------------------------------------------------

PACKAGE   : wu-ftpd
SUMMARY   : Remote vulnerability in the wu-ftpd server
DATE      : 2001-11-30 15:00:00
ID        : TFM-2001:001
RELEVANT RELEASES : 1.0

--------------------------------------------------------------------------

DESCRIPTION
 wu-ftpd is one of the FTP servers available in TFM Linux and in
 several other Linux distributions.

 CORE Security Technologies[1] reported[2] a vulnerability[3] in the
 wu-ftpd FTP server that can be exploited remotely. The problem lies in
 the internal glob function used by wu-ftpd, which allows an attacker
 to corrupt memory and execute arbitrary code remotely. No user account
 on the FTP server is needed; the problem can be abused by anonymous
 users as well.
 This vulnerability was first reported[4] by Matt Power, but it was
 deemed not exploitable at that time.


SOLUTION
 All administrators who deploy wu-ftpd should upgrade immediately. If
 an upgrade is not possible, the service should be shut down or
 another FTP server should be used.

 There is no need to restart the service after the upgrade, because
 wu-ftpd is started from inetd. The administrator might, however, want
 to shut down all current connections, which would still be using the
 vulnerable copy, to avoid possible abuse by currently connected users.


REFERENCES
 1. http://www.core-sdi.com
 2. http://www.securityfocus.com/archive/1/242964
 3. http://www.securityfocus.com/bid/3581
 4. http://www.securityfocus.com/archive/82/180823


DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
 SOURCE rpm: ftp://ftp.tfm.ro/tfm_linux_1.0/Security_updates/wu-ftpd-2.6.1-20.src.rpm
 BINARY rpm: ftp://ftp.tfm.ro/tfm_linux_1.0/Security_updates/wu-ftpd-2.6.1-20.i386.rpm


ADDITIONAL INSTRUCTIONS
 The update can be done in either of these ways:
 a) download the binary package
 b) log in as root
 c) rpm -Uvh wu-ftpd-2.6.1-20.i386.rpm
or
 a) download the source package
 b) log in as root
 c) rpm --rebuild wu-ftpd-2.6.1-20.src.rpm
 d) cd /usr/src/redhat/RPMS/i386/
 e) rpm -Uvh wu-ftpd-2.6.1-20.i386.rpm
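As an added example (not part of the TFM advisory), a POSIX shell script that checks whether the installed wu-ftpd package is already at or above the fixed 2.6.1-20 release and reports FTP sessions that inetd spawned before the upgrade, which still run the old binary. It assumes an rpm-based system where `rpm -q --qf` works, that the wu-ftpd daemon runs under the process name in.ftpd, and that pgrep is installed; the version comparison itself needs none of these.

```shell
# Added example, not part of the TFM advisory: check whether the installed
# wu-ftpd rpm is at or above the fixed release 2.6.1-20, and list ftpd
# sessions inetd spawned before the upgrade (they run the old binary until
# they exit).
FIXED_VERREL="2.6.1-20"

# vercmp A B: print -1, 0 or 1 comparing two dotted numeric version strings.
vercmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai=${a%%.*}; bi=${b%%.*}                 # leading component of each
        [ "$ai" = "$a" ] && a="" || a=${a#*.}
        [ "$bi" = "$b" ] && b="" || b=${b#*.}
        ai=${ai:-0}; bi=${bi:-0}                 # missing component counts as 0
        if [ "$ai" -lt "$bi" ]; then echo -1; return; fi
        if [ "$ai" -gt "$bi" ]; then echo 1; return; fi
    done
    echo 0
}

# wuftpd_is_fixed VERSION-RELEASE: succeed if e.g. "2.6.1-18" >= FIXED_VERREL.
# The upstream version decides first; the rpm release only breaks a tie.
wuftpd_is_fixed() {
    v=${1%-*}; r=${1##*-}
    fv=${FIXED_VERREL%-*}; fr=${FIXED_VERREL##*-}
    case "$(vercmp "$v" "$fv")" in
        1)  return 0 ;;
        -1) return 1 ;;
    esac
    [ "$(vercmp "$r" "$fr")" -ge 0 ]
}

# check_installed: query rpm and report. The daemon name in.ftpd and the use
# of pgrep are assumptions; the advisory names neither.
check_installed() {
    installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' wu-ftpd 2>/dev/null) || {
        echo "wu-ftpd is not installed according to rpm"; return 0; }
    if wuftpd_is_fixed "$installed"; then
        echo "wu-ftpd $installed is at or above $FIXED_VERREL: OK"
    else
        echo "wu-ftpd $installed is VULNERABLE: upgrade to $FIXED_VERREL"
    fi
    pids=$(pgrep -x in.ftpd 2>/dev/null)
    [ -n "$pids" ] && echo "in.ftpd sessions still running the old code: $pids"
    return 0
}

case "${1:-}" in
    --check) check_installed ;;
esac
```

Run it as `sh check-wuftpd.sh --check` on the host; sessions it lists were started before the upgrade and keep the vulnerable copy until they disconnect.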

--------------------------------------------------------------------------

TFM Linux Team 2001

-- 
Mihai (Cop) Moldovanu
http://www.tfm.ro/
http://portal.tfm.ro/

