Subject: [Security Announce] wu-ftpd update
From: Gael Duval (gduvalMANDRAKESOFT.COM)
Date: Sun Jul 02 2000 - 10:27:38 CDT


-------------------------------------

   Linux-Mandrake Security Update

-------------------------------------

Date: July, 2nd 2000

Package name: wu-ftpd

Affected versions: 6.0 6.1 7.0 7.1

Problem:
Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC
implementation. Because user input goes directly into the format
string of a *printf function, it is possible to overwrite important
data, such as a return address, on the stack. Once this is
accomplished, the function can jump into shellcode pointed to by the
overwritten eip and execute arbitrary commands as root. Although it is
exploited in a manner similar to a buffer overflow, it is actually an
input validation problem. Anonymous FTP is exploitable, making it even
more serious, as attacks can come anonymously from anywhere on the
Internet.
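The defect class described above, shown as an added illustration in C (this is not wu-ftpd's code and not the vendor's fix): a reply routine that hands untrusted text to a *printf function as the format itself, next to the corrected call that passes it as an argument to a fixed "%s" format, plus a small helper a reviewer can use to flag inputs that would be interpreted as conversion directives. The function names are assumptions.

```c
#include <stdio.h>
#include <string.h>

/*
 * The vulnerable pattern (shown in a comment only, never executed here):
 *
 *     void reply_vulnerable(int code, const char *untrusted) {
 *         char out[256];
 *         sprintf(out, untrusted);   // untrusted text IS the format string
 *         ...
 *     }
 *
 * Every '%' directive in the untrusted text is interpreted by printf, so the
 * caller controls what gets read from, and with %n written to, the stack.
 */

/* Returns 1 if s contains a conversion directive, i.e. a '%' that is not
 * the literal escape "%%"; 0 otherwise. Useful for auditing inputs and
 * log lines, not as a substitute for the fix below. */
int has_format_directive(const char *s) {
    for (const char *p = s; *p != '\0'; p++) {
        if (*p == '%') {
            if (p[1] == '%') { p++; continue; }  /* "%%" is a literal percent */
            return 1;
        }
    }
    return 0;
}

/* Corrected form: the format string is a constant and the untrusted text is
 * only ever a "%s" argument, so its contents are copied, never interpreted.
 * Returns the number of bytes written (excluding the NUL), or -1 if the
 * reply would not fit in out (truncation is treated as an error, not
 * silently accepted). */
int reply_safe(char *out, size_t outlen, int code, const char *untrusted) {
    int n = snprintf(out, outlen, "%d-%s", code, untrusted);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return n;
}
```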

Please upgrade to:

md5 sum: b4340d1007f5128d5d80502007c11a17
6.0/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm

md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 6.0/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

md5 sum: 89467e25e432271892aea433b613b4f7
6.1/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm

md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 6.1/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

md5 sum: 7e240d30b2e8cba1ba0c3dc59908aef7
7.0/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm

md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 7.0/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

md5 sum: 2b83dcb120012f1009e707398b5f4dc4
7.1/RPMS/wu-ftpd-2.6.0-7mdk.i586.rpm

md5 sum: bb37dbaf5f9fc3953c2869592df608c9
src: 7.1/SRPMS/wu-ftpd-2.6.0-7mdk.src.rpm

To upgrade automatically, use MandrakeUpdate. If you want to
upgrade manually, download the updated package from one of our FTP
server mirrors and upgrade with "rpm -Uvh package_name". All mirrors
are listed on http://www.mandrake.com/en/ftp.php3. Updated packages are
available in the "updates/" directory.

For example, if you are looking for an updated RPM package for
Mandrake 7.1, look for it in: updates/7.1/RPMS/

Notes:
- We give the md5 sum for each package. It lets you check the
integrity of the downloaded package by running the md5sum command on
the package ("md5sum package.rpm").
- You generally do not need to download the source package with a
.src.rpm suffix.
- To subscribe/unsubscribe from the "security-announce" list and
subscribe/unsubscribe from the "security-discuss" list see:
http://www.linux-mandrake.com/en/flists.php3#security