[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linux-security] ALERT: remote root exploit in wu-ftpd (Mandrake)



On Fri, Nov 30, 2001 at 12:22:32PM -0800, Martin Siegert wrote:
> Topic
> =====
> remote root exploit in wu-ftpd (ftp daemon for most Linux distributions)
> 
> Mandrake
> --------
> To my knowledge Mandrake uses proftpd instead of wu-ftpd by default.
> proftpd is not vulnerable to this bug. However, Mandrake does provide
> a wu-ftpd rpm that is vulnerable. There are no updates for the wu-ftpd
> rpm from Mandrake yet.

Mandrake just released new versions of their wu-ftpd packages.

Solution
========
Mandrake 7.1
------------
rpm -Fvh wu-ftpd-2.6.1-8.7mdk.i586.rpm

Mandrake 7.2
------------
rpm -Fvh wu-ftpd-2.6.1-8.8mdk.i586.rpm

Mandrake 8.0, 8.1
-----------------
rpm -Fvh wu-ftpd-2.6.1-11.1mdk.i586.rpm