The LINUX.COM Article Archive
Originally Published: Sunday, 2 July 2000
Author: Derrick H. Lewis
Published to: news_enhance_security/Security News
Linux-Mandrake Security Update - wu-ftpd
Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Because of user input going directly into a format string for a *printf function, it is possible to overwrite important data, such as a return address, on the stack.
Linux-Mandrake Security Update
Date: July 2nd, 2000
Package name: wu-ftpd
Affected versions: 6.0 6.1 7.0 7.1
Problem: Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Because user input goes directly into the format string of a *printf function, it is possible to overwrite important data, such as a return address, on the stack. Once that is accomplished, the function returns into shellcode pointed to by the overwritten EIP (the saved return address) and executes arbitrary commands as root. Although it is exploited in a manner similar to a buffer overflow, it is actually an input validation problem. Anonymous FTP is exploitable as well, which makes it even more serious, since attacks can come anonymously from anywhere on the Internet.
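The root cause above is a printf-family call whose format argument is the client's own text. The following C program is an added illustration written for this page, not wu-ftpd code: it shows the vulnerable pattern in a comment, the hardened form (a literal format string with the untrusted text passed through `%s`), and a small check that a defender can use to flag input carrying conversion directives before it reaches a logging call. The sample inputs and the function names `format_site_exec_safe` and `has_format_directive` are constructed for this example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/*
 * Vulnerable pattern described in the advisory: the client-supplied
 * SITE EXEC argument is passed as the *format* argument of a printf-family
 * call, so any %x / %n directives inside it are interpreted by the C library
 * instead of being treated as text.  Shown as a comment so this file also
 * builds cleanly with -Werror=format-security:
 *
 *     snprintf(line, sizeof line, user_arg);   // format under client control
 */

/* Hardened form: the format string is a compile-time literal and the
 * untrusted text is passed as data through %s, so it is copied verbatim.
 * Returns the number of bytes written (excluding the NUL), or -1 if the
 * output was truncated or an encoding error occurred. */
int format_site_exec_safe(char *out, size_t outsz, const char *user_arg) {
    int n = snprintf(out, outsz, "SITE EXEC argument: %s", user_arg);
    if (n < 0 || (size_t)n >= outsz)
        return -1;
    return n;
}

/* Defensive check for logging or alerting: does untrusted input contain a
 * conversion directive?  "%%" is a literal percent sign and is skipped. */
bool has_format_directive(const char *s) {
    for (const char *p = s; *p != '\0'; ++p) {
        if (*p != '%')
            continue;
        if (p[1] == '%') {        /* escaped percent: skip both characters */
            ++p;
            continue;
        }
        return true;              /* '%' followed by anything else */
    }
    return false;
}

int main(void) {
    /* Constructed sample inputs; not taken from the advisory. */
    const char *samples[] = { "ls -la", "100%% done", "%x%x%x%n" };
    char line[128];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; ++i) {
        int n = format_site_exec_safe(line, sizeof line, samples[i]);
        printf("%-12s -> directive=%d len=%d text=\"%s\"\n",
               samples[i], (int)has_format_directive(samples[i]), n, line);
    }
    return 0;
}
```

The hardened function never lets the client's text reach the format parser, so an input such as `%x%x%x%n` is logged as those eight literal characters. The directive check is only an early-warning signal for detection: the actual fix is the literal format string, which remains correct whether or not the input is screened.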
Please upgrade to: 6.0/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
To upgrade automatically, use « MandrakeUpdate ». If you want to upgrade manually, download the updated package from one of our FTP mirrors and upgrade with "rpm -Uvh package_name". All mirrors are listed on http://www.mandrake.com/en/ftp.php3. Updated packages are available in the "updates/" directory.
For example, if you are looking for an updated RPM package for Mandrake 7.1, look for it in: updates/7.1/RPMS/