5246106 2000-07-02 23:05 /92 lines/ Postmaster
Recipient: Bugtraq (import) <11569>
Subject: [Security Announce] wu-ftpd update
------------------------------------------------------------
Date: Sun, 2 Jul 2000 17:27:38 +0200
From: Gael Duval <gduval@MANDRAKESOFT.COM>
Organization: MandrakeSoft
To: BUGTRAQ@SECURITYFOCUS.COM
Reply-To: security-discuss@linux-mandrake.com
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
Message-ID: <395F5F6A.ED387163@mandrakesoft.com>

-------------------------------------
Linux-Mandrake Security Update
-------------------------------------

Date: July 2nd, 2000
Package name: wu-ftpd
Affected versions: 6.0 6.1 7.0 7.1

Problem:

Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Because user input goes directly into the format string of a *printf function, it is possible to overwrite important data, such as a return address, on the stack. Once that is accomplished, the function can jump into shellcode pointed to by the overwritten eip and execute arbitrary commands as root. Although it is exploited in a manner similar to a buffer overflow, it is actually an input validation problem. Anonymous ftp is exploitable, making it even more serious, as attacks can come anonymously from anywhere on the internet.
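The bug class the advisory describes, as an added C example that is not wu-ftpd's code: the vulnerable pattern (user input used as the format) is shown in a comment, next to the fixed-format form that copies '%' literally, plus a small helper an administrator could run over logged SITE EXEC arguments to flag format directives. Function names are hypothetical.

```c
/* Added example, not wu-ftpd code. */
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern (the class of bug in the advisory), as a comment only:
 * the attacker-controlled argument itself becomes the format string, so
 * every '%' in it is interpreted by *printf instead of being printed.
 *
 *     snprintf(reply, sizeof reply, arg);
 */

/* Hardened form: the untrusted string is always an argument to a fixed
 * format, so '%' characters in it are copied verbatim. Returns the number
 * of characters the full reply would need, as snprintf does. */
int format_site_exec_reply(const char *arg, char *reply, size_t len)
{
    return snprintf(reply, len, "200-%s", arg);
}

/* Detection helper: count printf-style conversion directives in an
 * argument. A legitimate SITE EXEC argument has no reason to contain
 * directives such as "%x" or "%n", so a non-zero count is worth an alert. */
int count_format_directives(const char *s)
{
    int n = 0;
    for (const char *p = s; *p; p++) {
        if (*p != '%')
            continue;
        p++;
        if (*p == '\0')
            break;
        if (*p == '%')          /* "%%" is a literal percent sign */
            continue;
        /* skip flags, width and precision, then expect a conversion char */
        while (*p && strchr("-+ #0123456789.*", *p))
            p++;
        if (*p == '\0')
            break;
        if (strchr("diouxXeEfgGcspn", *p))
            n++;
    }
    return n;
}
```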
Please upgrade to:

  md5 sum: b4340d1007f5128d5d80502007c11a17  6.0/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
  md5 sum: bb37dbaf5f9fc3953c2869592df608c9  src: 6.0/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

  md5 sum: 89467e25e432271892aea433b613b4f7  6.1/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
  md5 sum: bb37dbaf5f9fc3953c2869592df608c9  src: 6.1/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

  md5 sum: 7e240d30b2e8cba1ba0c3dc59908aef7  7.0/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
  md5 sum: bb37dbaf5f9fc3953c2869592df608c9  src: 7.0/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

  md5 sum: 2b83dcb120012f1009e707398b5f4dc4  7.1/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm
  md5 sum: bb37dbaf5f9fc3953c2869592df608c9  src: 7.1/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

To upgrade automatically, use « MandrakeUpdate ».

If you want to upgrade manually, download the updated package from one of our FTP server mirrors and upgrade with "rpm -Uvh package_name". All mirrors are listed on http://www.mandrake.com/en/ftp.php3

Updated packages are available in the "updates/" directory. For example, if you are looking for an updated RPM package for Mandrake 7.1, look for it in: updates/7.1/RPMS/

Notes:

- We give the md5 sum for each package. It lets you check the integrity of the downloaded package by running the md5sum command on the package ("md5sum package.rpm").
- You generally do not need to download the source package with a .src.rpm suffix.
- To subscribe/unsubscribe from the "security-announce" list and subscribe/unsubscribe from the "security-discuss" list see: http://www.linux-mandrake.com/en/flists.php3#security