[linux-security] ALERT: remote root exploit in wu-ftpd daemon
- To: linux-security
- Subject: [linux-security] ALERT: remote root exploit in wu-ftpd daemon
- From: Martin Siegert <siegert@sfu.ca>
- Date: Thu, 31 Jul 2003 15:37:19 -0700
- User-Agent: Mutt/1.4.1i

Topic
=====
Remote root exploit in wu-ftpd

Problem Description
===================
The wu-ftpd package contains the Washington University FTP (File Transfer
Protocol) server daemon. FTP is a method of transferring files between
computers on a network. It uses normal, unencrypted usernames and passwords
for authentication.

An off-by-one bug has been discovered in versions of wu-ftpd up to and
including 2.6.2. On a vulnerable system, a remote attacker would be able
to exploit this bug to gain root privileges.

Affected Systems
================
wu-ftpd versions 2.6.2 and earlier

Workaround (recommended!)
=========================
Nowadays, unless you run an anonymous FTP server, there is no need for
an FTP server anymore: install sshd (i.e., install the openssh-server
package) and use sftp and/or scp instead. You can then uninstall the FTP
server with:

    rpm -e wu-ftpd

Solution
========
Update to a patched version for your distribution:

RedHat 7.1
----------
    rpm -Fvh wu-ftpd-2.6.2-11.71.1.i386.rpm

RedHat 7.2
----------
    rpm -Fvh wu-ftpd-2.6.2-11.72.1.i386.rpm

RedHat 7.3
----------
    rpm -Fvh wu-ftpd-2.6.2-11.73.1.i386.rpm

RedHat 8.0
----------
    rpm -Fvh wu-ftpd-2.6.2-12.i386.rpm

RedHat 9
--------
not vulnerable

Suse-7.2, 7.3
-------------
    rpm -Fvh wuftpd-2.6.0-403.i386.rpm

Suse-8.x
--------
not vulnerable

Mandrake 8.2
------------
    rpm -Fvh wu-ftpd-2.6.2-1.1mdk.i586.rpm

Mandrake 9.x
------------
not vulnerable
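
One way to check a host against the fixed builds listed above, as an added example that is not part of the original advisory. The distribution keys (redhat-7.1 and so on), the function names and the version comparison (a simplified stand-in for rpm's own) are assumptions of this example.

```shell
#!/bin/sh
# Fixed builds as listed in the advisory; the distro keys are labels
# chosen for this example. "none" = listed as not vulnerable.
fixed_build() {
    case "$1" in
        redhat-7.1)        echo wu-ftpd-2.6.2-11.71.1 ;;
        redhat-7.2)        echo wu-ftpd-2.6.2-11.72.1 ;;
        redhat-7.3)        echo wu-ftpd-2.6.2-11.73.1 ;;
        redhat-8.0)        echo wu-ftpd-2.6.2-12 ;;
        suse-7.2|suse-7.3) echo wuftpd-2.6.0-403 ;;
        mandrake-8.2)      echo wu-ftpd-2.6.2-1.1mdk ;;
        redhat-9|suse-8.*|mandrake-9.*) echo none ;;
    esac
}

# ver_lt A B: succeed when version-release A is older than B.
# Simplified stand-in for rpm's comparison (assumption): split on "." and
# "-", compare numeric fields as numbers, anything else as strings.
ver_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        for (i = 1; i <= na || i <= nb; i++) {
            if (i > na) exit 0          # A ran out of fields first: older
            if (i > nb) exit 1
            if (x[i] == y[i]) continue
            if (x[i] ~ /^[0-9]+$/ && y[i] ~ /^[0-9]+$/)
                exit !((x[i] + 0) < (y[i] + 0))
            exit !((x[i] "") < (y[i] ""))
        }
        exit 1                          # identical
    }'
}

# wuftpd_status DISTRO NVR, NVR being what `rpm -q wu-ftpd`
# (`rpm -q wuftpd` on SuSE) printed on that host.
wuftpd_status() {
    fixed=$(fixed_build "$1")
    case "$fixed" in
        "")   echo unknown; return ;;
        none) echo not-affected; return ;;
    esac
    name=${fixed%-*-*}                  # strip -version-release
    case "$2" in
        "$name"-[0-9]*) ;;              # expected package name, compare below
        *) echo not-installed; return ;;
    esac
    inst=${2#"$name"-}; want=${fixed#"$name"-}
    if ver_lt "$inst" "$want"; then echo vulnerable; else echo patched; fi
}
```

After sourcing the file, `wuftpd_status redhat-7.3 "$(rpm -q wu-ftpd)"` prints one of `vulnerable`, `patched`, `not-affected`, `not-installed` or `unknown`.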