5224318 2000-06-24 00:45 /162 lines/ Postmaster
Recipient: Bugtraq (import) <11412>
Subject: Security Update: wu-ftpd vulnerability
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <20000623135118.A28394@phoenix.calderasystems.com>
Date: Fri, 23 Jun 2000 13:51:18 -0600
Reply-To: Technical Support <support@PHOENIX.CALDERASYSTEMS.COM>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: Technical Support <support@PHOENIX.CALDERASYSTEMS.COM>
X-To: announce@lists.calderasystems.com, inux-security@redhat.com security-alerts@linuxsecurity.com
To: BUGTRAQ@SECURITYFOCUS.COM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                    Caldera Systems, Inc.  Security Advisory

Subject:                wu-ftpd vulnerability
Advisory number:        CSSA-2000-020.0
Issue date:             2000 June, 23
Cross reference:
______________________________________________________________________________

1. Problem Description

   There is a problem in wu-ftpd handling of the SITE EXEC command that
   allows remote attackers to gain root access. This attack is possible
   in the default configuration of the wu-ftpd we are shipping for all
   ftp users, including the anonymous user.

   We urge our users to upgrade to the fixed version of wu-ftpd.

2. Vulnerable Versions

   System                        Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3         All packages previous to
                                 wu-ftpd-2.5.0-7

   OpenLinux eServer 2.3         All packages previous to
   and OpenLinux eBuilder        wu-ftpd-2.5.0-7

   OpenLinux eDesktop 2.4        All packages previous to
                                 wu-ftpd-2.5.0-7

3. Solution

   Workaround:

   If you do not need wu-ftpd, uninstall it by running the following
   command as root:

      rpm -e wu-ftpd

   The proper solution is to upgrade to the fixed packages.

4. OpenLinux Desktop 2.3

   4.1 Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

      ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

   The corresponding source code package can be found at:

      ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

      ddc86702f33d6a5edddab258ddd72195  RPMS/wu-ftpd-2.5.0-7.i386.rpm
      8090110ecef8d1efd2fe4c279f209e29  SRPMS/wu-ftpd-2.5.0-7.src.rpm

   4.3 Installing Fixed Packages

   Upgrade the affected packages with the following commands:

      rpm -F wu-ftpd-2.5.0-7.i386.rpm

5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

      ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/

   The corresponding source code package can be found at:

      ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

      f909e8b47ec6780109c2437cdfdc2497  RPMS/wu-ftpd-2.5.0-7.i386.rpm
      8354edf2f90e59aa96d8baf1d77e28a0  SRPMS/wu-ftpd-2.5.0-7.src.rpm

   5.3 Installing Fixed Packages

   Upgrade the affected packages with the following commands:

      rpm -F wu-ftpd-2.5.0-7.i386.rpm

6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

      ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/

   The corresponding source code package can be found at:

      ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

      d2df4fb386d65387039f33538571d907  RPMS/wu-ftpd-2.5.0-7.i386.rpm
      13313d25d6d93dd98dd94e62d48c711c  SRPMS/wu-ftpd-2.5.0-7.src.rpm

   6.3 Installing Fixed Packages

   Upgrade the affected packages with the following commands:

      rpm -F wu-ftpd-2.5.0-7.i386.rpm

7. References

   This and other Caldera security resources are located at:

      http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 6922.

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.

9. Acknowledgements

   Caldera Systems wishes to thank Daniel Jacobowitz for providing
   patches to the problem.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE5U2un18sy83A/qfwRAhcpAJ472gS3sX8f5zbnl+Efy1C45I02MgCguX5n
HCRGVcjTYIdrbnI0cZxP0xM=
=cRb3
-----END PGP SIGNATURE-----
(5224318) ------------------------------------------(Rewrapped)
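The advisory's sections 4.2 to 6.3 give MD5 sums for the fixed RPMs and then an `rpm -F` step, but leave the check itself to the reader. The script below is an added example, not part of the Caldera advisory or of wu-ftpd: it verifies every downloaded package against the published sums and refuses to run `rpm -F` if any of them fails or is missing. The two checksum lines are copied from section 6.2 (OpenLinux eDesktop 2.4); the download directory, the `RUN_UPDATE` switch and the function names are assumptions introduced here.

```sh
#!/bin/sh
# Added example, not from the Caldera advisory: check the MD5 sums the
# advisory publishes before upgrading with rpm -F. The two checksum lines
# are copied from section 6.2 (OpenLinux eDesktop 2.4); the download
# directory and the RUN_UPDATE switch are assumptions.
set -u

# Assumed directory the RPMS/ and SRPMS/ trees were fetched into.
DOWNLOAD_DIR=${DOWNLOAD_DIR:-/tmp/caldera-updates}

# Checksums from section 6.2, in the "<md5>  <path>" shape md5sum prints.
EDESKTOP_24_SUMS='d2df4fb386d65387039f33538571d907  RPMS/wu-ftpd-2.5.0-7.i386.rpm
13313d25d6d93dd98dd94e62d48c711c  SRPMS/wu-ftpd-2.5.0-7.src.rpm'

# file_md5 FILE -> hex MD5 of FILE (first field of md5sum output).
file_md5() {
    md5sum "$1" | cut -d' ' -f1
}

# verify_md5 EXPECTED FILE -> 0 if FILE exists and its MD5 equals EXPECTED,
# 1 otherwise (missing file or mismatch), with the reason on stderr.
verify_md5() {
    expected=$1
    file=$2
    if [ ! -f "$file" ]; then
        echo "missing: $file" >&2
        return 1
    fi
    actual=$(file_md5 "$file")
    if [ "$actual" = "$expected" ]; then
        echo "ok: $file"
        return 0
    fi
    echo "MISMATCH: $file expected $expected got $actual" >&2
    return 1
}

# verify_sums SUMS DIR -> 0 only if every "<md5>  <path>" line in SUMS
# matches DIR/<path>. Every line is checked so all problems are reported,
# but a single failure makes the whole result non-zero.
verify_sums() {
    sums=$1
    dir=$2
    status=0
    while read -r sum path; do
        [ -n "$sum" ] || continue
        verify_md5 "$sum" "$dir/$path" || status=1
    done <<EOF
$sums
EOF
    return $status
}

# apply_update SUMS DIR: run the advisory's rpm -F step only after every
# sum has verified. rpm -F (freshen) replaces a package only if an older
# version is already installed, which is what the advisory relies on.
apply_update() {
    if ! verify_sums "$1" "$2"; then
        echo "checksum verification failed; not installing" >&2
        return 1
    fi
    rpm -F "$2/RPMS/wu-ftpd-2.5.0-7.i386.rpm"
}

# Assumed switch: touch the system only when explicitly asked, so the
# functions can be sourced and exercised without installing anything.
if [ "${RUN_UPDATE:-0}" = 1 ]; then
    apply_update "$EDESKTOP_24_SUMS" "$DOWNLOAD_DIR"
fi
```

Typical use is `DOWNLOAD_DIR=/path/to/updates RUN_UPDATE=1 sh verify-wuftpd.sh` as root after fetching both files from the advisory's FTP paths; to cover Desktop 2.3 or eServer 2.3 instead, substitute the sums from sections 4.2 or 5.2. Note that the sums only confirm the download matches what the advisory lists; trust in the list itself rests on the PGP signature over the advisory, which is why the signed message should be verified before the sums are copied out of it.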