RH6.1: wu-ftpd (RHSA-1999:043-01)
Posted by LinuxSecurity.com Team   
RedHat Linux Various computer security groups have reported security problems in the WU-FTPD daemon, the FTP server shipped with all versions of Red Hat Linux.
 
Red Hat, Inc. Security Advisory
Package wu-ftpd

Synopsis Security problems in WU- FTPD

Advisory ID RHSA-1999:043-01

Issue Date 1999-10-21

Updated on

Keywords wu-ftp security remote exploit

Cross references N/A



1. Topic:
Various computer security groups have reported security problems in the WU-FTPD daemon, the FTP server shipped with all versions of Red Hat Linux.

2. Problem description:
Three vulnerabilities have been identified in WU-FTPD and other ftp daemons based on the WU-FTPD source code.

Vulnerability #1: MAPPING_CHDIR Buffer Overflow
Vulnerability #2: Message File Buffer Overflow

Remote and local intruders may be able exploit these vulnerabilities to execute arbitrary code as the user running the ftpd daemon, usually root.

Vulnerability #3: SITE NEWER Consumes Memory

Remote and local intruders who can connect to the FTP server can cause the server to consume excessive amounts of memory, preventing normal system operation. If intruders can create files on the system, they may be able exploit this vulnerability to execute arbitrary code as the user running the ftpd daemon, usually root.

3. Bug IDs fixed:(http://developer.Red Hat.com/bugzilla for more info)
N/A

4. Relevant releases/architectures:
Red Hat Linux 6.1, for i386, alpha and sparc

5. Obsoleted by:
None

6. Conflicts with:
None

7. RPMs required:

Intel:

ftp://updates.Red Hat.com/6.1/i386/

wu-ftpd- 2.6.0-1.i386.rpm

Alpha:

ftp://updates.Red Hat.com/6.0/alpha

wu-ftpd- 2.6.0-1.alpha.rpm

SPARC:

ftp://updates.Red Hat.com/6.0/sparc

wu-ftpd- 2.6.0-1.sparc.rpm

Source:

ftp://updates.Red Hat.com/6.1/SRPMS

wu-ftpd- 2.6.0-1.src.rpm

Architecture neutral:

ftp://updates.Red Hat.com/6.1/noarch/

8. Solution:
For each RPM for your particular architecture, run:

rpm -Uvh filename

where filename is the name of the RPM.

9. Verification:


 MD5 sum                           Package Name

 -------------------------------------------------------------------------
dcd5d04df11849007aa3c4fb398cfbfb  i386/wu-ftpd-2.6.0-1.i386.rpm
a0b3a1a0dcfbdfd1443d0aecd960e907  alpha/wu-ftpd-2.6.0-1.alpha.rpm
7511f1f96b3044207cbe11d34f75ff7a  sparc/wu-ftpd-2.6.0-1.sparc.rpm
7e30ea42e82908752b943621580f6f1c  SRPMS/wu-ftpd-2.6.0-1.src.rpm


 
These packages are GPG signed by Red Hat Inc. for security. Our key is available at: http://www.Red Hat.com/corp/contac t.html

You can verify each package with the following command:

rpm --checksig filename

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

rpm --checksig --nogpg filename

10. References: