Debian: wu-ftpd buffer overflow vulnerability

    Date: 01 Aug 2003
    Category: Debian
    Posted By: LinuxSecurity Advisories
    iSEC Security Research reports that wu-ftpd contains an off-by-one bug in the fb_realpath function which could be exploited by a logged-in user (local or anonymous) to gain root privileges.
    
    ------------------------------------------------------------------------
    Debian Security Advisory 357-1                         security@debian.org
    http://www.debian.org/security/                         Michael Stone
    July 31, 2003                       http://www.debian.org/security/faq
    ------------------------------------------------------------------------
    
    Package        : wu-ftpd
    Vulnerability  : buffer overflow
    Problem type   : remote root exploit
    Debian-specific: no
    CVE Id(s)      : CAN-2003-0466
    
    iSEC Security Research reports that wu-ftpd contains an off-by-one bug
    in the fb_realpath function which could be exploited by a logged-in user
    (local or anonymous) to gain root privileges. A demonstration exploit is
    reportedly available.
    
    For the current stable distribution (woody) this problem has been fixed
    in version 2.6.2-3woody1. 
    
    For the unstable distribution (sid) an update will be available shortly.
    
    We recommend you upgrade your wu-ftpd package immediately.
    
    Upgrade instructions
    --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    Debian 3.0 (stable)
    -------------------
    
      Stable was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2.orig.tar.gz
          Size/MD5 checksum:   354784 b3c271f02aadf663b8811d1bff9da3f6
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1.dsc
          Size/MD5 checksum:      713 0e7285b9fd050b4e8a30aa21d62f44d8
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1.diff.gz
          Size/MD5 checksum:    99967 88c990894af29cce4d14ee6822069542
    
      Architecture independent packages:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd-academ_2.6.2-3woody1_all.deb
          Size/MD5 checksum:     3476 79da608623ce421a11c568e97565f537
    
      alpha architecture (DEC Alpha)
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1_alpha.deb
          Size/MD5 checksum:   291540 20b379bd4495f8d810cc75f4188e0f94
    
      arm architecture (ARM)
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1_arm.deb
          Size/MD5 checksum:   265158 f5d590b10861f6f355d40d501cf35e75
    
      hppa architecture (HP PA RISC)
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1_hppa.deb
          Size/MD5 checksum:   275684 4cc9e3eb212401091d4f51ddf54dd771
    
      i386 architecture (Intel ia32)
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1_i386.deb
          Size/MD5 checksum:   255102 f79202c825c979fafd8de828401a8179
    
      ia64 architecture (Intel ia64)
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1_ia64.deb
          Size/MD5 checksum:   321168 30d2ce430f8ae75eabf76d9f2427f6cb
    
      m68k architecture (Motorola Mc680x0)
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1_m68k.deb
          Size/MD5 checksum:   249258 79367429ca9b917c99db373c205da8f8
    
      mips architecture (MIPS (Big Endian))
    
        Not yet available.
    
      mipsel architecture (MIPS (Little Endian))
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1_mipsel.deb
          Size/MD5 checksum:   272916 ec410054275c42450c6eb983cfc3e6e6
    
      powerpc architecture (PowerPC)
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1_powerpc.deb
          Size/MD5 checksum:   268236 3e1954b334be827bdbbf43edb2336978
    
      s390 architecture (IBM S/390)
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1_s390.deb
          Size/MD5 checksum:   262914 448c89adf5f1eabfafa9b944719d34ba
    
      sparc architecture (Sun SPARC/UltraSPARC)
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody1_sparc.deb
          Size/MD5 checksum:   270306 5d5126fbaf637dffc0224b5a9e402cd1
    
    -------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: debian-security-announce@lists.debian.org
    Package info: `apt-cache show <pkg>' and  http://packages.debian.org/
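    As an added example (not part of DSA 357-1 and not code from the wu-ftpd package or Debian), the following POSIX shell script takes the manual wget / dpkg -i route from the upgrade instructions and gates the install on the Size/MD5 pair the advisory publishes for the file. It assumes coreutils md5sum, wc and cut are available; the function names verify_deb and install_if_verified are this example's own. The constants hold the i386 entry copied from the advisory; any other architecture's entry can be substituted.

```shell
#!/bin/sh
# Added example, not part of DSA 357-1: gate the advisory's "dpkg -i file.deb"
# step on the Size/MD5 pair the advisory publishes for that file.
# Assumes coreutils md5sum, wc and cut; function names are this example's own.

# Values for the i386 package, copied from the advisory's "i386 architecture" entry.
I386_DEB="wu-ftpd_2.6.2-3woody1_i386.deb"
I386_SIZE=255102
I386_MD5=f79202c825c979fafd8de828401a8179

# verify_deb FILE EXPECTED_SIZE EXPECTED_MD5
# Returns 0 only when the file exists and both its byte count and its MD5
# equal the advisory's values; prints the first mismatch found to stderr.
verify_deb() {
    file=$1
    want_size=$2
    want_md5=$3

    if [ ! -f "$file" ]; then
        echo "verify_deb: no such file: $file" >&2
        return 1
    fi

    have_size=$(wc -c < "$file" | tr -d ' ')
    have_md5=$(md5sum "$file" | cut -d ' ' -f 1)

    # Check the size first: it is cheap and catches a truncated download
    # before the MD5 of the whole file is computed.
    if [ "$have_size" != "$want_size" ]; then
        echo "verify_deb: size mismatch for $file: got $have_size, advisory lists $want_size" >&2
        return 1
    fi
    if [ "$have_md5" != "$want_md5" ]; then
        echo "verify_deb: MD5 mismatch for $file: got $have_md5, advisory lists $want_md5" >&2
        return 1
    fi
    echo "verify_deb: $file matches advisory ($want_size bytes, md5 $want_md5)"
    return 0
}

# install_if_verified FILE EXPECTED_SIZE EXPECTED_MD5
# The advisory's "dpkg -i file.deb" step, reached only after verify_deb passes.
install_if_verified() {
    verify_deb "$1" "$2" "$3" || return 1
    dpkg -i "$1"
}

# Manual route from the advisory, with the verification step in between:
#   wget http://security.debian.org/pool/updates/main/w/wu-ftpd/$I386_DEB
#   install_if_verified "$I386_DEB" "$I386_SIZE" "$I386_MD5"
# Run this script with three arguments to verify and install a downloaded package.
if [ $# -eq 3 ]; then
    install_if_verified "$1" "$2" "$3"
fi
```

    A mismatch on either value means the file on disk is not the one the advisory describes (truncated download, wrong mirror, or a modified package) and dpkg -i is never reached. The MD5 carries only as much assurance as the channel the advisory itself arrived over, which for a DSA is the signed announcement mail; the apt-get route in the footer is the lower-effort alternative for the same packages.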