|
|
The wuftpd package as shipped with SuSE Linux distributions comes with two versions of wuftpd: wuftpd-2.4.2, installed as /usr/sbin/wuftpd, and wuftpd-2.6.0, installed as /usr/sbin/wuftpd-2.6. The admin decides which version to use by the inetd/xinetd configuration.
|
|
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: wuftpd
Announcement-ID: SuSE-SA:2001:043
Date: Wednesday, Nov. 28th, 2001 23:45 MET
Affected SuSE versions: 6.3, 6.4, 7.0, 7.1, 7.2, 7.3
Vulnerability Type: remote root compromise
Severity (1-10): 7
SuSE default package: no
Other affected systems: all liunx-like systems using wu-ftpd 2.4.x /
2.6.0 / 2.6.1
Content of this advisory:
1) security vulnerability resolved: wuftpd
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The wuftpd package as shipped with SuSE Linux distributions comes with
two versions of wuftpd: wuftpd-2.4.2, installed as /usr/sbin/wuftpd,
and wuftpd-2.6.0, installed as /usr/sbin/wuftpd-2.6.
The admin decides which version to use by the inetd/xinetd
configuration.
The CORE ST Team had found an exploitable bug in all versions of wuftpd's
ftpglob() function.
The glob function overwrites buffer bounds while matching open and closed
brackets. Due to a missing |
