Originally Published: Sunday, 2 July 2000 Author: Derrick H. Lewis
Published to: news_enhance_security/Security News

Linux-Mandrake Security Update - wu-ftpd

Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Because of user input going directly into a format string for a *printf function, it is possible to overwrite important data, such as a return address, on the stack.


-------------------------------------

Linux-Mandrake Security Update

-------------------------------------

Date: July 2nd, 2000

Package name: wu-ftpd

Affected versions: 6.0 6.1 7.0 7.1

Problem: Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Because user input goes directly into the format string of a *printf function, an attacker can use format directives to read stack contents and to overwrite important data on the stack, such as a saved return address. Once the return address is overwritten, the function returns into shellcode located by the attacker-controlled eip and executes arbitrary commands as root. Although it is exploited in a manner similar to a buffer overflow, the root cause is an input validation problem: attacker-supplied text is interpreted as a format string instead of being passed as data, so the fix is to use a constant format and pass the text as an argument. Anonymous ftp is exploitable, making it even more serious, as attacks can come anonymously from anywhere on the Internet; sites that cannot upgrade immediately should restrict anonymous access until the update is applied.
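As an added illustration of the defect class described above (this is example code, not the wu-ftpd source or the Mandrake update), the following C program models the vulnerable call shape beside its fix. The reply() helper, the function names and the sample inputs are assumptions for the example; in the real daemon the reply routine belongs to ftpd and the client text reaches it through the SITE EXEC handler.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for the daemon's reply routine (assumed for this example):
 * builds "<code>-<text>" into out with a *printf function, as a real
 * ftpd reply() does. */
static int reply(char *out, size_t n, int code, const char *fmt, ...)
{
    int len = snprintf(out, n, "%d-", code);
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(out + len, n - (size_t)len, fmt, ap);
    va_end(ap);
    return (int)strlen(out);
}

/* Vulnerable pattern: the text derived from the client's SITE EXEC
 * argument is handed to reply() AS the format. Every '%' directive in
 * it is interpreted: "%x" leaks stack words, "%n" writes to an address
 * the attacker placed on the stack, which is how the saved return
 * address gets overwritten. */
int site_exec_reply_vuln(const char *client_text, char *out, size_t n)
{
    return reply(out, n, 200, client_text);
}

/* Fixed pattern: a constant format string; the client text is data. */
int site_exec_reply_fixed(const char *client_text, char *out, size_t n)
{
    return reply(out, n, 200, "%s", client_text);
}

/* Returns 1 when fn echoes client_text verbatim after the "200-" prefix,
 * 0 when the text was interpreted as a format string. */
int echoes_verbatim(int (*fn)(const char *, char *, size_t),
                    const char *client_text)
{
    char out[512];
    fn(client_text, out, sizeof out);
    return strcmp(out + 4, client_text) == 0;
}

/* Cheap server-side or IDS check: a SITE EXEC argument has no business
 * containing '%'. Returns 1 if the argument looks like a format attack. */
int site_exec_arg_suspicious(const char *arg)
{
    return strchr(arg, '%') != NULL;
}

int main(void)
{
    /* Constructed sample inputs: a benign argument and a probe an
     * attacker would send to dump stack words. */
    const char *benign = "ls -l";
    const char *probe  = "%08x.%08x";
    char out[512];

    site_exec_reply_vuln(probe, out, sizeof out);
    printf("vulnerable : %s\n", out);   /* two hex stack words, not the probe */
    site_exec_reply_fixed(probe, out, sizeof out);
    printf("fixed      : %s\n", out);   /* the probe, echoed verbatim */
    printf("benign flagged: %d, probe flagged: %d\n",
           site_exec_arg_suspicious(benign), site_exec_arg_suspicious(probe));
    return 0;
}
```

The probe deliberately uses only %x: a %n directive would be the next step of a real attack, but modern glibc built with _FORTIFY_SOURCE aborts on %n in a writable format string, whereas the 2000-era systems this advisory covers had no such check. The difference between the two functions is one argument, which is why this bug class is easy to introduce and easy to miss in review.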

Please upgrade to:

6.0/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
src: 6.0/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

6.1/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
src: 6.1/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

7.0/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
src: 7.0/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

7.1/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
src: 7.1/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

To upgrade automatically, use MandrakeUpdate. If you want to upgrade manually, download the updated package from one of our FTP server mirrors and upgrade it with "rpm -Uvh package_name". All mirrors are listed at http://www.mandrake.com/en/ftp.php3. Updated packages are available in the "updates/" directory.

For example, if you are looking for an updated RPM package for Mandrake 7.1, look for it in: updates/7.1/RPMS/ After upgrading, confirm with "rpm -q wu-ftpd" that release 2.6.0-7mdk is the installed version.
