Debian: 'wu-ftpd' insecure program execution

    Date05 Sep 2003
    CategoryDebian
    1738
    Posted ByLinuxSecurity Advisories
    wu-ftpd, an FTP server, implements a feature whereby multiple filescan be fetched in the form of a dynamically constructed archive file,such as a tar archive. This feature may be abused to execute arbitrary programs with the privileges of the wu-ftpd process.
    
    --------------------------------------------------------------------------
    Debian Security Advisory DSA 377-1                     This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                             Matt Zimmerman
    September 4th, 2003                      http://www.debian.org/security/faq
    --------------------------------------------------------------------------
    
    Package        : wu-ftpd
    Vulnerability  : insecure program execution
    Problem-Type   : remote
    Debian-specific: no
    CVE Ids        : CVE-1999-0997
    
    wu-ftpd, an FTP server, implements a feature whereby multiple files
    can be fetched in the form of a dynamically constructed archive file,
    such as a tar archive.  The names of the files to be included are
    passed as command line arguments to tar, without protection against
    them being interpreted as command-line options.  GNU tar supports
    several command line options which can be abused, by means of this
    vulnerability, to execute arbitrary programs with the privileges of
    the wu-ftpd process.
    
    Georgi Guninski pointed out that this vulnerability exists in Debian
    woody.
    
    For the stable distribution (woody) this problem has been fixed in
    version 2.6.2-3woody2.
    
    For the unstable distribution (sid) this problem will be fixed soon.
    
    We recommend that you update your wu-ftpd package.
    
    Upgrade Instructions
    --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    Debian GNU/Linux 3.0 alias woody
    --------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2.dsc
          Size/MD5 checksum:      607 b557af23920403ce4be64670a873a1dd
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2.diff.gz
          Size/MD5 checksum:   100389 c2e481768ed3a0d97a110bc3cd4aefa2
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2.orig.tar.gz
          Size/MD5 checksum:   354784 b3c271f02aadf663b8811d1bff9da3f6
    
      Architecture independent components:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd-academ_2.6.2-3woody2_all.deb
          Size/MD5 checksum:     3474 ae0a727f52cf8f1488222ce2b414a29a
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_alpha.deb
          Size/MD5 checksum:   291710 d9725bc2a271f151fc42605edd6394c6
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_arm.deb
          Size/MD5 checksum:   265366 d435ee1977a93705462528b23b8c9550
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_i386.deb
          Size/MD5 checksum:   257060 ed807ebe3275f76a13eed4fbb2d8a7fa
    
      Intel IA-64 architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_ia64.deb
          Size/MD5 checksum:   321256 beaa9b061436052fddf3f47e2932360a
    
      HP Precision architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_hppa.deb
          Size/MD5 checksum:   275896 c1bea3e7f0cdbab6c7240d5b08b4b9d1
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_m68k.deb
          Size/MD5 checksum:   249368 32f06b3bbe19265f749670950691c7ff
    
      Big endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_mips.deb
          Size/MD5 checksum:   272978 1ec11e5a9b53925b02fb7cfbbc3df56b
    
      Little endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_mipsel.deb
          Size/MD5 checksum:   273058 37140e512eaa62cfa0b99b9983e89b6f
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_powerpc.deb
          Size/MD5 checksum:   268354 4da902291bc8bb6c5c652dfd9f7ba729
    
      IBM S/390 architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_s390.deb
          Size/MD5 checksum:   263100 a89f0be201d65cff953bc496a6391af4
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/w/wu-ftpd/wu-ftpd_2.6.2-3woody2_sparc.deb
          Size/MD5 checksum:   270448 088bb0a66ee5b74ec59baff506a2be2a
    
      These files will probably be moved into the stable distribution on
      its next revision.
    
    ---------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and  http://packages.debian.org/
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"4","type":"x","order":"1","pct":57.14,"resources":[]},{"id":"88","title":"Should be more technical","votes":"2","type":"x","order":"2","pct":28.57,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":14.29,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.