-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1

- ----- Original Message -----From: "Slackware Security Team" <security@slackware.com>
To: <slackware-security@slackware.com>
Sent: Wednesday, June 28, 2000 5:18 AM
Subject: [slackware-security] wu-ftpd remote exploit patched


A remote exploit has been found in the FTP daemon, wu-ftpd.  This can
allow an attacker full access to your machine.

The wu-ftpd daemon is part of the tcpip1.tgz package in the N series.  A
new tcpip1.tgz package is now available in the Slackware 7.1 tree.  We
have also provided a seperate patch package for users who have already
installed Slackware 7.1 and just want the new FTP daemon.

   ========================================   wu-ftpd 2.6.0 AVAILABLE - (n6/tcpip1.tgz)
   ========================================
      The recent root exploit in wu-ftpd has been patched and the new
      tcpip1.tgz is in the Slackware 7.1 tree:

          

      A seperate wu-ftpd-only patch package is available in the patches/
      subdirectory:

          

      All users are strongly urged to upgrade to the patched wu-ftpd
      daemon.  You only need to download one package to get the new FTP
      daemon.

      Here are the md5sums and checksums for the packages:

         1660403894 62427 ./wu-ftpd-patch.tgz
         d42c1708634232f8bc6a396827959851  ./wu-ftpd-patch.tgz

         3287743865 1017793 ./n6/tcpip1.tgz
         7aff2b13086e881a6ee029d44a448f17  ./n6/tcpip1.tgz


      INSTALLATION INSTRUCTIONS FOR THE tcpip1.tgz PACKAGE:
      ----------------------------------------------------      If you have downloaded the new tcpip1.tgz package, you should bring
      the system into runlevel 1 and run upgradepkg on it:

         # telinit 1
         # upgradepkg tcpip1.tgz
         # telinit 3


      INSTALLATION INSTRUCTIONS FOR THE wu-ftpd-patch.tgz PACKAGE:
      -----------------------------------------------------------      If you have downloaded the wu-ftpd-patch.tgz package, you should
      bring the system into runlevel 1 and run installpkg on it:

         # telinit 1
         # installpkg wu-ftpd-patch.tgz
         # telinit 3


Remember, it's also a good idea to backup configuration files before
upgrading packages.

- - Slackware Linux Security Team
  The Slackware Linux Project


-----BEGIN PGP SIGNATURE-----Version: PGPfreeware 6.5.2 for non-commercial use  

iQA/AwUBOVollsngd47OM+yTEQIZsgCffHR0j80zHs9sl79XyZBtwBULuNsAn3mY
tce8IvTDwbIul0DIFAbkees1
=mLB4
-----END PGP SIGNATURE-----

Slackware: wu-ftpd update 2000-06-28

June 28, 2000

A remote exploit has been found in the FTP daemon, wu-ftpd

Summary

Where Find New Packages

MD5 Signatures

Severity
- ----- Original Message -----From: "Slackware Security Team" <security@slackware.com> To: <slackware-security@slackware.com> Sent: Wednesday, June 28, 2000 5:18 AM Subject: [slackware-security] wu-ftpd remote exploit patched A remote exploit has been found in the FTP daemon, wu-ftpd. This can allow an attacker full access to your machine. The wu-ftpd daemon is part of the tcpip1.tgz package in the N series. A new tcpip1.tgz package is now available in the Slackware 7.1 tree. We have also provided a seperate patch package for users who have already installed Slackware 7.1 and just want the new FTP daemon. ======================================== wu-ftpd 2.6.0 AVAILABLE - (n6/tcpip1.tgz) ======================================== The recent root exploit in wu-ftpd has been patched and the new tcpip1.tgz is in the Slackware 7.1 tree: A seperate wu-ftpd-only patch package is available in the patches/ subdirectory: All users are strongly urged to upgrade to the patched wu-ftpd daemon. You only need to download one package to get the new FTP daemon. Here are the md5sums and checksums for the packages: 1660403894 62427 ./wu-ftpd-patch.tgz d42c1708634232f8bc6a396827959851 ./wu-ftpd-patch.tgz 3287743865 1017793 ./n6/tcpip1.tgz 7aff2b13086e881a6ee029d44a448f17 ./n6/tcpip1.tgz INSTALLATION INSTRUCTIONS FOR THE tcpip1.tgz PACKAGE: ---------------------------------------------------- If you have downloaded the new tcpip1.tgz package, you should bring the system into runlevel 1 and run upgradepkg on it: # telinit 1 # upgradepkg tcpip1.tgz # telinit 3 INSTALLATION INSTRUCTIONS FOR THE wu-ftpd-patch.tgz PACKAGE: ----------------------------------------------------------- If you have downloaded the wu-ftpd-patch.tgz package, you should bring the system into runlevel 1 and run installpkg on it: # telinit 1 # installpkg wu-ftpd-patch.tgz # telinit 3 Remember, it's also a good idea to backup configuration files before upgrading packages. - - Slackware Linux Security Team The Slackware Linux Project -----BEGIN PGP SIGNATURE-----Version: PGPfreeware 6.5.2 for non-commercial use iQA/AwUBOVollsngd47OM+yTEQIZsgCffHR0j80zHs9sl79XyZBtwBULuNsAn3mY tce8IvTDwbIul0DIFAbkees1 =mLB4 -----END PGP SIGNATURE-----

Installation Instructions

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved