-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : wu-ftpd SUMMARY : Remote vulnerability in the wu-ftpd server DATE : 2003-08-01 12:15:00 ID : CLA-2003:715 RELEVANT RELEASES : 7.0, 8, 9 - ------------------------------------------------------------------------- DESCRIPTION "wu-ftpd" is one of the ftp servers available in Conectiva Linux and several other linux distributions. Janusz Niewiadomski and Wojciech Purczynski of iSEC Security Research have found[1] a off-by-one buffer overflow vulnerability in the fb_realpath() function, which handles filename paths in wu-ftpd. The vulnerability can be exploited by a remote attacker who can log in to the vulnerable server (with any account, including an anonymous one if available) to execute arbitrary code with the privileges of the root user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0466 to this issue[2]. SOLUTION All administrators who deploy wu-ftpd should upgrade immediately. If an upgrade is not possible, then the service should be shut down, or another ftp server should be used. There is no need to restart the service after the upgrade because wu-ftpd is started from inetd. The administrator might want to, however, shut down all current connections which would still be using the vulnerable copy to avoid a possible abuse by currently connected users. REFERENCES: 1.http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt 2.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0466 UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/7.0/RPMS/wu-ftpd-2.6.1-6U70_3cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/wu-ftpd-2.6.1-6U70_3cl.src.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/wu-ftpd-2.6.1-8U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/SRPMS/wu-ftpd-2.6.1-8U80_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/wu-ftpd-2.6.2-13985U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/SRPMS/wu-ftpd-2.6.2-13985U90_1cl.src.rpm ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades: - run: apt-get update - after that, execute: apt-get upgrade Detailed instructions reagarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en - ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en - ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en - ------------------------------------------------------------------------- Copyright (c) 2003 Conectiva Inc. http://www.conectiva.com - ------------------------------------------------------------------------- subscribe: conectiva-updates-subscribeat_private unsubscribe: conectiva-updates-unsubscribeat_private -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE/KpGZ42jd0JmAcZARAjquAJ9T9W+r8+MxRXRMVNuV4B+IjY6ZJgCfZUTc tkzOHh6i56vg/K1AsxGAoWo= =XlI1 -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Fri Aug 01 2003 - 13:58:35 PDT