RH6.0: wu-ftpd (RHSA-1999:031-01)
Posted by LinuxSecurity.com Team   
RedHat Linux New packages of wu-ftpd are available for all Red Hat Linux platforms. This version includes an important security fix as well as fixes for all known problems in wu-ftpd at this time.
 
Red Hat, Inc. Security Advisory
Package wu-ftpd

Synopsis Another buffer overflow in wu- ftpd is fixed

Advisory ID RHSA-1999:031-01

Issue Date 1999-08-25

Updated on

Keywords wu-ftpd buffer overflow



1. Topic:
New packages of wu-ftpd are available for all Red Hat Linux platforms. This version includes an important security fix as well as fixes for all known problems in wu-ftpd at this time.

2. Bug IDs fixed:
1599 3482 3866

3. Relevant releases/architectures:
Red Hat Linux 6.0, all architectures

4. Obsoleted by:
None

5. Conflicts with:
None

6. RPMs required:

Intel:

ftp://updates.Red Hat.com/6.0/i386/

wu- ftpd-2.5.0-5.6.0.i386.rpm

Alpha:

ftp://updates.Red Hat.com/6.0/alpha

wu- ftpd-2.5.0-5.6.0.alpha.rpm

SPARC:

ftp://updates.Red Hat.com/6.0/sparc

wu- ftpd-2.5.0-5.6.0.sparc.rpm

Source:

ftp://updates.Red Hat.com/6.0/SRPMS

wu- ftpd-2.5.0-5.6.0.src.rpm

Architecture neutral:

ftp://updates.Red Hat.com/6.0/noarch/

7. Problem description:
An explotable buffer overflow security problem in the wu-ftpd daemon has been fixed.

The previous errata for wu-ftpd did not update /var/run/utmp correctly when a session was disconnected. This problem manifested itself as last displaying connections that had terminated as still active.

A minor and obscure problem with members not in a configured class being permitted to login on the second attempt has been fixed.

Thanks go to Gregory A. Lundberg of the WU-FTPD Development Group for supplying the patches.

8. Solution:
For each RPM for your particular architecture, run:

rpm -Uvh filename

where filename is the name of the RPM.

Then restart inetd by typing:

/etc/rc.d/init.d/inet restart

9. Verification:


 MD5 sum                           Package Name

 -------------------------------------------------------------------------

f73f420b55128a2228e8c6cf5692fc64  6.0/SRPMS/wu-ftpd-2.5.0-5.6.0.src.rpm

0d13ec35e8ad4bb6f44ba7489c7d8a84  6.0/alpha/wu-ftpd-2.5.0-5.6.0.alpha.rpm

cdac8067673e58ed64f3a96d5ba5b6f9  6.0/i386/wu-ftpd-2.5.0-5.6.0.i386.rpm

22cfce1de906e413fe5561fd36a35d2f  6.0/sparc/wu-ftpd-2.5.0-5.6.0.sparc.rpm





 
These packages are also PGP signed by Red Hat Inc. for security. Our key is available at: http://www.Red Hat.com/corp/contac t.html

You can verify each package with the following command:

rpm --checksig filename

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

rpm --checksig --nopgp filename

10. References: