Subject: [Security Announce] wu-ftpd update
From: Gael Duval (gduvalMANDRAKESOFT.COM)
Date: Sun Jul 02 2000 - 10:27:38 CDT


   Linux-Mandrake Security Update


Date: July, 2nd 2000

Package name: wu-ftpd

Affected versions: 6.0 6.1 7.0 7.1

Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC
implementation. Because of user input going directly into a format
string for a *printf function, it is possible to overwrite important
data, such as a return address, on the stack. When this is
accomplished, the function can jump into shellcode pointed to by the
overwritten eip and execute arbitrary commands as root. While
exploited in a manner similar to a buffer overflow, it is actually an
input validation problem. Anonymous ftp is exploitable, making it even
more serious as attacks can come anonymously from anywhere on the
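
The bug class described above (untrusted input used as the format string of a *printf call), shown beside the hardened form. This is an added example, not code from wu-ftpd or from this advisory; the function names and sample arguments are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Silence the compiler's own warning about the deliberately bad call below. */
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"

/* VULNERABLE pattern (hypothetical helper): the client's argument is used as
 * the format string, so conversion directives in it are interpreted. */
int reply_vulnerable(char *out, size_t n, const char *user_arg)
{
    return snprintf(out, n, user_arg);
}

/* HARDENED: constant format string; the argument is only ever data. */
int reply_safe(char *out, size_t n, const char *user_arg)
{
    return snprintf(out, n, "%s", user_arg);
}

/* Detection aid: count conversion directives in untrusted input.
 * "%%" is a literal percent sign and is not counted. */
int count_format_directives(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }  /* escaped percent */
        count++;                             /* also counts a trailing lone '%' */
    }
    return count;
}

int main(void)
{
    /* Constructed sample arguments, not taken from the advisory. */
    const char *samples[] = { "ls -l", "100%% done", "%x.%x.%x" };
    char buf[128];
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        reply_safe(buf, sizeof buf, samples[i]);
        printf("%-12s directives=%d safe_reply=\"%s\"\n",
               samples[i], count_format_directives(samples[i]), buf);
    }
    return 0;
}
```

Building with `-Wformat -Wformat-security` (without the two pragmas) makes the compiler flag the call in `reply_vulnerable`.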

Please upgrade to:

md5 sum: b4340d1007f5128d5d80502007c11a17

md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 6.0/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

md5 sum: 89467e25e432271892aea433b613b4f7

md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 6.1/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

md5 sum: 7e240d30b2e8cba1ba0c3dc59908aef7

md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 7.0/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

md5 sum: 2b83dcb120012f1009e707398b5f4dc4

md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 7.1/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

To upgrade automatically, use MandrakeUpdate. If you want to
upgrade manually, download the updated package from one of our FTP
server mirrors and upgrade with "rpm -Uvh package_name". All mirrors
are listed on http://www.mandrake.com/en/ftp.php3. Updated packages are
available in the "updates/" directory.

For example, if you are looking for an updated RPM package for
Mandrake 7.1, look for it in: updates/7.1/RPMS/

- We give the md5 sum for each package. It lets you check the
integrity of the downloaded package by running the md5sum command on
the package ("md5sum package.rpm").
- You generally do not need to download the source package with a
.src.rpm suffix.
- To subscribe/unsubscribe from the "security-announce" list and
subscribe/unsubscribe from the "security-discuss" list see: