Bugtraq mailing list archives
Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd)
From: wh () BISS-NET COM (Wolfgang Hamburg)
Date: Fri, 30 Jun 2000 09:22:29 +0200
RHSA-2000:039-02: remote root exploit (SITE EXEC) fixed
[...]
A security bug in wu-ftpd can permit remote users, even without an account, to gain root access. The new version closes the hole.
2. Relevant releases/architectures:
Red Hat Linux 5.2 - i386 alpha sparc (which includes wu-ftpd-2.4.2b18-2.i386.rpm)
Red Hat Linux 6.2 - i386 alpha sparc (which includes wu-ftpd-2.6.0-3.i386.rpm)
What about Red Hat 6.0 (includes wu-ftpd-2.4.2vr17-3.i386.rpm) and 6.1 (includes wu-ftpd-2.5.0-9.i386.rpm)? I know that the sploit tf8 released was for version 2.6.0, but earlier versions of wu-ftpd are vulnerable, too. Does anyone know if Red Hat plans to release RPMs to fix the 2.5.0 version included in Red Hat 6.1?
Red Hat claims (see http://www.redhat.com/support/errata/index.html) that Version 4.2 is also maintained. The last rpm is wu-ftpd-2.6.0-0.4.2.i386.rpm and it also seems vulnerable. The source rpm contains the original sources from ftp.wu-ftpd.org. Red Hat, wake up!
wolfgang
--
011°55'03"E 53°54'24"N (WGS-84)