DSA-087-1 wu-ftpd -- remote root exploit

Related Vulnerabilities: CVE-2001-0550  

CORE ST reports that an exploit has been found for a bug in the wu-ftpd glob code (this is the code that handles filename wildcard expansion). Any logged-in user (including anonymous FTP users) can exploit the bug to gain root privileges on the server. This has been corrected in version 2.6.0-6 of the wu-ftpd package.

Debian Security Advisory


Date Reported:
03 Dec 2001
Affected Packages:
wu-ftpd
Vulnerable:
Yes
Security database references:
In the Bugtraq database (at SecurityFocus): BugTraq ID 3581.
In Mitre's CVE dictionary: CVE-2001-0550.
CERT's vulnerabilities, advisories and incident notes: CA-2001-18, VU#886083.

Fixed in:

Debian GNU/Linux 2.2 (potato)

Source:
http://security.debian.org/dists/stable/updates/main/source/wu-ftpd_2.6.0-6.diff.gz
http://security.debian.org/dists/stable/updates/main/source/wu-ftpd_2.6.0-6.dsc
http://security.debian.org/dists/stable/updates/main/source/wu-ftpd_2.6.0.orig.tar.gz
Architecture-independent component:
http://security.debian.org/dists/stable/updates/main/binary-all/wu-ftpd-academ_2.6.0-6_all.deb
Alpha:
http://security.debian.org/dists/stable/updates/main/binary-alpha/wu-ftpd_2.6.0-6_alpha.deb
ARM:
http://security.debian.org/dists/stable/updates/main/binary-arm/wu-ftpd_2.6.1-6_arm.deb
Intel IA-32:
http://security.debian.org/dists/stable/updates/main/binary-i386/wu-ftpd_2.6.0-6_i386.deb
PowerPC:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/wu-ftpd_2.6.0-6_powerpc.deb
Sun Sparc:
http://security.debian.org/dists/stable/updates/main/binary-sparc/wu-ftpd_2.6.0-6_sparc.deb

MD5 checksums of the listed files are available in the original advisory.
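The advisory gives a single fact an administrator needs to act on: wu-ftpd (and the wu-ftpd-academ package built from the same source) is fixed from Debian version 2.6.0-6 onward, and anything older is exposed to the glob bug. The following Python check is an added example, not part of the Debian advisory or of the wu-ftpd package. It implements the dpkg version ordering (epoch, then upstream version, then Debian revision; digit runs compared numerically, "~" sorting before anything) so that a host inventory can be tested against the fixed version without guessing from string comparison. The dpkg status excerpt embedded in it is constructed sample input, and the fixed version 2.6.0-6 is taken from the advisory above.

```python
import re

# Fixed version stated in DSA-087-1.
FIXED_VERSION = "2.6.0-6"
AFFECTED_PACKAGES = ("wu-ftpd", "wu-ftpd-academ")

# Constructed sample in the format of /var/lib/dpkg/status (not a real host).
SAMPLE_STATUS = """\
Package: wu-ftpd
Status: install ok installed
Version: 2.6.0-5

Package: wu-ftpd-academ
Status: install ok installed
Version: 2.6.0-5

Package: ftp
Status: install ok installed
Version: 0.17-1
"""


def _order(c: str) -> int:
    """dpkg character weights: '~' sorts before anything (even end of string),
    digits and end of string weigh 0, letters sort before other characters."""
    if c == "~":
        return -1
    if c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _verrevcmp(a: str, b: str) -> int:
    """Compare two version fragments the way dpkg compares upstream/revision parts."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Non-digit runs are compared character by character with the weights above.
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        # Digit runs are compared numerically, so "10" > "9" and "007" == "7".
        ma = re.match(r"\d*", a[i:]).group()
        mb = re.match(r"\d*", b[j:]).group()
        i += len(ma)
        j += len(mb)
        na = int(ma) if ma else 0
        nb = int(mb) if mb else 0
        if na != nb:
            return na - nb
    return 0


def _split(version: str):
    """Split '[epoch:]upstream[-revision]' into its three parts."""
    epoch = 0
    if ":" in version:
        e, version = version.split(":", 1)
        epoch = int(e)
    if "-" in version:
        upstream, revision = version.rsplit("-", 1)
    else:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_versions(a: str, b: str) -> int:
    """Return -1, 0 or 1 like `dpkg --compare-versions` ordering of a against b."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return (ea > eb) - (ea < eb)
    c = _verrevcmp(ua, ub) or _verrevcmp(ra, rb)
    return (c > 0) - (c < 0)


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version predates the fixed one."""
    return compare_versions(installed, fixed) < 0


def installed_versions(status_text: str) -> dict:
    """Parse dpkg status paragraphs and return {package: version} for installed packages."""
    versions = {}
    for para in re.split(r"\n\s*\n", status_text.strip()):
        fields = {}
        for line in para.splitlines():
            if ":" in line and not line.startswith((" ", "\t")):
                key, value = line.split(":", 1)
                fields[key.strip()] = value.strip()
        if fields.get("Status", "").endswith("installed"):
            versions[fields["Package"]] = fields["Version"]
    return versions


def assess(status_text: str, packages=AFFECTED_PACKAGES, fixed: str = FIXED_VERSION) -> dict:
    """Return {package: (installed_version, needs_update)} for affected packages present."""
    found = installed_versions(status_text)
    return {p: (found[p], is_vulnerable(found[p], fixed)) for p in packages if p in found}


if __name__ == "__main__":
    for pkg, (ver, needs_update) in assess(SAMPLE_STATUS).items():
        print(f"{pkg} {ver}: {'UPDATE REQUIRED' if needs_update else 'ok'}")
```

On a real Debian host the same comparison is available as `dpkg --compare-versions "$installed" lt 2.6.0-6`; the point of carrying the ordering in the script is that a plain string or float comparison gets cases such as 2.6.0-10 versus 2.6.0-6, or an epoch prefix, wrong.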