Date: Wed, 25 Aug 1999 20:21:23 -0400
From: Jeff Johnson <jbj@redhat.com>
To: redhat-watch-list@redhat.com
Subject: [SECURITY] RHSA-1999:031 Another buffer overflow in wu-ftpd is fixed

---------------------------------------------------------------------
                   Red Hat, Inc. Security Advisory

Synopsis:       Another buffer overflow in wu-ftpd is fixed
Advisory ID:    RHSA-1999:031-01
Issue date:     1999-08-25
Keywords:       wu-ftpd buffer overflow
---------------------------------------------------------------------

1. Topic:

New packages of wu-ftpd are available for all Red Hat Linux platforms.
This version includes an important security fix as well as fixes for
all known problems in wu-ftpd at this time.

2. Bug IDs fixed:

1599 3482 3866

3. Relevant releases/architectures:

Red Hat Linux 6.0, all architectures
Red Hat Linux 5.x, all architectures
Red Hat Linux 4.x, all architectures

4. Obsoleted by:

5. Conflicts with:

6. RPMs required:

Red Hat Linux 6.0:

Intel:
  ftp://updates.redhat.com/6.0/i386/wu-ftpd-2.5.0-5.6.0.i386.rpm

Alpha:
  ftp://updates.redhat.com/6.0/alpha/wu-ftpd-2.5.0-5.6.0.alpha.rpm

Sparc:
  ftp://updates.redhat.com/6.0/sparc/wu-ftpd-2.5.0-5.6.0.sparc.rpm

Source:
  ftp://updates.redhat.com/6.0/SRPMS/wu-ftpd-2.5.0-5.6.0.src.rpm

Red Hat Linux 5.x:

Intel:
  ftp://updates.redhat.com/5.2/i386/wu-ftpd-2.5.0-5.5.x.i386.rpm

Alpha:
  ftp://updates.redhat.com/5.2/alpha/wu-ftpd-2.5.0-5.5.x.alpha.rpm

Sparc:
  ftp://updates.redhat.com/5.2/sparc/wu-ftpd-2.5.0-5.5.x.sparc.rpm

Source:
  ftp://updates.redhat.com/5.2/SRPMS/wu-ftpd-2.5.0-5.5.x.src.rpm

Red Hat Linux 4.x:

Intel:
  ftp://updates.redhat.com/4.2/i386/wu-ftpd-2.5.0-5.4.x.i386.rpm

Alpha:
  ftp://updates.redhat.com/4.2/alpha/wu-ftpd-2.5.0-5.4.x.alpha.rpm

Sparc:
  ftp://updates.redhat.com/4.2/sparc/wu-ftpd-2.5.0-5.4.x.sparc.rpm

Source:
  ftp://updates.redhat.com/4.2/SRPMS/wu-ftpd-2.5.0-5.4.x.src.rpm

7. Problem description:

An exploitable buffer overflow security problem in the wu-ftpd daemon
has been fixed.

The previous errata for wu-ftpd did not update /var/run/utmp correctly
when a session was disconnected. This problem manifested itself as last
displaying connections that had terminated as still active.

A minor and obscure problem with members not in a configured class being
permitted to log in on the second attempt has been fixed.

Thanks go to Gregory A. Lundberg of the WU-FTPD Development Group for
supplying the patches.

8. Solution:

For each RPM for your particular architecture, run:

    rpm -Uvh <filename>

where filename is the name of the RPM.

9. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
ccfbc56597f38abd79688e8742b2005e  4.2/SRPMS/wu-ftpd-2.5.0-5.4.x.src.rpm
f1bfc82095f5fd5f834c709699e098d9  4.2/alpha/wu-ftpd-2.5.0-5.4.x.alpha.rpm
830e515d27b674cc6657a8287112c852  4.2/i386/wu-ftpd-2.5.0-5.4.x.i386.rpm
4c831a2c451eedc562f16448a964725d  4.2/sparc/wu-ftpd-2.5.0-5.4.x.sparc.rpm
5a9528d4cca6ceffddb8599af6537498  5.2/SRPMS/wu-ftpd-2.5.0-5.5.x.src.rpm
8f123558e25527043b87e8316845086e  5.2/alpha/wu-ftpd-2.5.0-5.5.x.alpha.rpm
6026b858d5396c09e2613d5f022889d4  5.2/i386/wu-ftpd-2.5.0-5.5.x.i386.rpm
81af3044041ffdb04d10acb210bb7f63  5.2/sparc/wu-ftpd-2.5.0-5.5.x.sparc.rpm
f73f420b55128a2228e8c6cf5692fc64  6.0/SRPMS/wu-ftpd-2.5.0-5.6.0.src.rpm
0d13ec35e8ad4bb6f44ba7489c7d8a84  6.0/alpha/wu-ftpd-2.5.0-5.6.0.alpha.rpm
cdac8067673e58ed64f3a96d5ba5b6f9  6.0/i386/wu-ftpd-2.5.0-5.6.0.i386.rpm
22cfce1de906e413fe5561fd36a35d2f  6.0/sparc/wu-ftpd-2.5.0-5.6.0.sparc.rpm

These packages are PGP signed by Red Hat Inc. for security. Our key
is available at:

    http://www.redhat.com/corp/contact.html

You can verify each package with the following command:

    rpm --checksig <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

    rpm --checksig --nopgp <filename>

10. References:

--
To unsubscribe: mail redhat-watch-list-request@redhat.com with
"unsubscribe" as the Subject.
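
The following is an added example, not part of the original advisory or of Red Hat's tooling: it parses the "MD5 sum / Package Name" table from section 9 and compares the whole-file MD5 of each downloaded .rpm against it. The function names and the demo files are assumptions made for illustration; the demo uses constructed files and sums, not real packages.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# A table row as printed in section 9: 32 hex digits, whitespace, path to an .rpm.
ROW = re.compile(r"^([0-9a-f]{32})\s+(\S+\.rpm)$")

def parse_md5_table(advisory_text):
    """Map package file name -> expected MD5, taken from the advisory text."""
    expected = {}
    for line in advisory_text.splitlines():
        m = ROW.match(line.strip())
        if m:
            expected[m.group(2).rsplit("/", 1)[-1]] = m.group(1)
    return expected

def md5_of(path):
    """MD5 of the whole file, read in chunks so large packages are fine."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def check_downloads(advisory_text, download_dir):
    """Label each *.rpm in download_dir as ok, mismatch or unlisted."""
    expected = parse_md5_table(advisory_text)
    report = {}
    for rpm in sorted(Path(download_dir).glob("*.rpm")):
        want = expected.get(rpm.name)
        if want is None:
            report[rpm.name] = "unlisted"   # not named in the advisory table
        else:
            report[rpm.name] = "ok" if md5_of(rpm) == want else "mismatch"
    return report

def demo():
    """Constructed files and table (not real packages or real sums)."""
    with tempfile.TemporaryDirectory() as d:
        names = ["demo-1.0-1.i386.rpm", "demo-1.0-1.alpha.rpm", "other-1.0-1.i386.rpm"]
        for n in names:
            Path(d, n).write_bytes(b"constructed payload for " + n.encode())
        # Only the first two files get a row; the third stays unlisted.
        rows = [f"{md5_of(Path(d, n))}  6.0/{n.split('.')[-2]}/{n}" for n in names[:2]]
        table = "MD5 sum  Package Name\n" + "\n".join(rows)
        # Alter one file after its sum was recorded to force a mismatch.
        Path(d, names[1]).write_bytes(b"altered after the table was made")
        return check_downloads(table, d)

if __name__ == "__main__":
    print(demo())
```

A file reported as "mismatch" or "unlisted" should not be installed. The check complements the rpm --checksig signature verification described in section 9 and does not replace it.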