![[LWN Logo]](/images/lc.png) |
|
![[Timeline]](/images/Included.png) |
Date: Sun, 02 Jul 2000 17:27:38 +0200
From: Gael Duval <gduval@mandrakesoft.com>
Newsgroups: alt.os.linux.mandrake
To: security-announce@linux-mandrake.com
Subject: [Security Announce] wu-ftpd update
-------------------------------------
Linux-Mandrake Security Update
-------------------------------------
Date: July, 2nd 2000
Package name: wu-ftpd
Affected versions: 6.0 6.1 7.0 7.1
Problem:
Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC
implementation. Because of user input going directly into a format
string for a *printf function, it is possible to overwrite important
data, such as a return address, on the stack. When this is
accomplished, the function can jump into shellcode pointed to by the
overwritten eip and execute arbitrary commands as root. While
exploited in a manner similar to a buffer overflow, it is actually an
input validation problem. Anonymous ftp is exploitable making it even
more serious as attacks can come anonymously from anywhere on the
internet.
Please upgrade to:
md5 sum: b4340d1007f5128d5d80502007c11a17
6.0/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 6.0/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm
md5 sum: 89467e25e432271892aea433b613b4f7
6.1/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 6.1/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm
md5 sum: 7e240d30b2e8cba1ba0c3dc59908aef7
7.0/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 7.0/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm
md5 sum: 2b83dcb120012f1009e707398b5f4dc4
7.1/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 7.1/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm
To upgrade automatically, use « MandrakeUpdate ». If you want to
upgrade manually, download the updated package from one of our FTP
server mirrors and uprade with "rpm -Uvh package_name". All mirrors
are listed on http://www.mandrake.com/en/ftp.php3 Updated packages are
available in the "updates/" directory.
For example, if you are looking for an updated RPM package for
Mandrake 7.1, look for it in: updates/7.1/RPMS/
Notes:
- We give the md5 sum for each package. It lets you check the
integrity of the downloaded package by running the md5sum command on
the package ("md5sum package.rpm").
- You generally do not need to download the source package with a
.src.rpm suffix
- To subscribe/unsubscribe from the "security-announce" list and
subscribe/unsubscribe from the "security-discuss" list see:
http://www.linux-mandrake.com/en/flists.php3#security