Date: Tue, 27 Nov 2001 21:02:13 -0500
To: freebsd-security@freebsd.org
From: Mike Tancsa
Subject: wu-ftpd ?
Message-Id: <5.1.0.14.0.20011127210017.0545a5e0@192.168.0.12>

I guess the post below relates to what was on bugtraq last week about the
mysterious new wu-ftpd vulnerability.  I still don't see anything on
wu-ftpd's site about it.  Is this something specific to LINUX then ?  Anyone
have any info ?
        ---Mike

>Subject: [RHSA-2001:157-06] Updated wu-ftpd packages are available
>From: bugzilla@redhat.com
>Date: Tue, 27 Nov 2001 18:37 -0500
>To: redhat-watch-list@redhat.com
>Cc: bugtraq@securityfocus.com, linux-security@redhat.com
>
>---------------------------------------------------------------------
>                   Red Hat, Inc. Red Hat Security Advisory
>
>Synopsis:          Updated wu-ftpd packages are available
>Advisory ID:       RHSA-2001:157-06
>Issue date:        2001-11-20
>Updated on:        2001-11-26
>Product:           Red Hat Linux
>Keywords:          wu-ftpd buffer overrun glob ftpglob
>Cross references:
>Obsoletes:         RHSA-2000:039
>---------------------------------------------------------------------
>
>1. Topic:
>
>Updated wu-ftpd packages are available to fix an overflowable buffer.
>
>2. Relevant releases/architectures:
>
>Red Hat Linux 6.2 - alpha, i386, sparc
>
>Red Hat Linux 7.0 - alpha, i386
>
>Red Hat Linux 7.1 - alpha, i386, ia64
>
>Red Hat Linux 7.2 - i386
>
>3. Problem description:
>
>An overflowable buffer exists in earlier versions of wu-ftpd.
>An attacker could gain access to the machine by sending malicious
>commands.
>
>It is recommended that all users of wu-ftpd upgrade to the latest
>version.
>
>4. Solution:
>
>Before applying this update, make sure all previously released errata
>relevant to your system have been applied.
>
>To update all RPMs for your particular architecture, run:
>
>rpm -Fvh [filenames]
>
>where [filenames] is a list of the RPMs you wish to upgrade.  Only those
>RPMs which are currently installed will be updated.  Those RPMs which are
>not installed but included in the list will not be updated.
>Note that you can also use wildcards (*.rpm) if your current directory
>*only* contains the desired RPMs.
>
>Please note that this update is also available via Red Hat Network.  Many
>people find this an easier way to apply updates.  To use Red Hat Network,
>launch the Red Hat Update Agent with the following command:
>
>up2date
>
>This will start an interactive process that will result in the appropriate
>RPMs being upgraded on your system.
>
>5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):
>
>
>
>6. RPMs required:
>
>Red Hat Linux 6.2:
>
>SRPMS:
>ftp://updates.redhat.com/6.2/en/os/SRPMS/wu-ftpd-2.6.1-0.6x.21.src.rpm
>
>alpha:
>ftp://updates.redhat.com/6.2/en/os/alpha/wu-ftpd-2.6.1-0.6x.21.alpha.rpm
>
>i386:
>ftp://updates.redhat.com/6.2/en/os/i386/wu-ftpd-2.6.1-0.6x.21.i386.rpm
>
>sparc:
>ftp://updates.redhat.com/6.2/en/os/sparc/wu-ftpd-2.6.1-0.6x.21.sparc.rpm
>
>Red Hat Linux 7.0:
>
>SRPMS:
>ftp://updates.redhat.com/7.0/en/os/SRPMS/wu-ftpd-2.6.1-16.7x.1.src.rpm
>
>alpha:
>ftp://updates.redhat.com/7.0/en/os/alpha/wu-ftpd-2.6.1-16.7x.1.alpha.rpm
>
>i386:
>ftp://updates.redhat.com/7.0/en/os/i386/wu-ftpd-2.6.1-16.7x.1.i386.rpm
>
>Red Hat Linux 7.1:
>
>SRPMS:
>ftp://updates.redhat.com/7.1/en/os/SRPMS/wu-ftpd-2.6.1-16.7x.1.src.rpm
>
>alpha:
>ftp://updates.redhat.com/7.1/en/os/alpha/wu-ftpd-2.6.1-16.7x.1.alpha.rpm
>
>i386:
>ftp://updates.redhat.com/7.1/en/os/i386/wu-ftpd-2.6.1-16.7x.1.i386.rpm
>
>ia64:
>ftp://updates.redhat.com/7.1/en/os/ia64/wu-ftpd-2.6.1-16.7x.1.ia64.rpm
>
>Red Hat Linux 7.2:
>
>SRPMS:
>ftp://updates.redhat.com/7.2/en/os/SRPMS/wu-ftpd-2.6.1-20.src.rpm
>
>i386:
>ftp://updates.redhat.com/7.2/en/os/i386/wu-ftpd-2.6.1-20.i386.rpm
>
>
>
>7. Verification:
>
>These packages are GPG signed by Red Hat, Inc. for security.  Our key
>is available at:
>    http://www.redhat.com/about/contact/pgpkey.html
>
>You can verify each package with the following command:
>    rpm --checksig
>
>If you only wish to verify that each package has not been corrupted or
>tampered with, examine only the md5sum with the following command:
>    rpm --checksig --nogpg
>
>8. References:
>
>
>
>
>Copyright(c) 2000, 2001 Red Hat, Inc.

--------------------------------------------------------------------
Mike Tancsa,                          tel +1 519 651 3400
Sentex Communications,                mike@sentex.net
Providing Internet since 1994         www.sentex.net
Cambridge, Ontario Canada             www.sentex.net/mike
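The fixed package versions listed in section 6 of the quoted advisory, turned into an inventory check; this is an added example, not part of the original post or of Red Hat's advisory. The comparison is a simplified re-implementation of rpm's segment-wise version ordering (no epoch handling), and the host names and older installed versions in the sample inventory are constructed.

```python
import re

# Fixed wu-ftpd version-release per Red Hat Linux release (advisory section 6).
FIXED = {
    "6.2": "2.6.1-0.6x.21",
    "7.0": "2.6.1-16.7x.1",
    "7.1": "2.6.1-16.7x.1",
    "7.2": "2.6.1-20",
}

def _segments(s):
    # Runs of digits or runs of letters; every other character is a separator.
    return re.findall(r"\d+|[A-Za-z]+", s)

def vercmp(a, b):
    """Return -1, 0 or 1; simplified form of rpm's segment-wise comparison."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            # A numeric segment is always newer than an alphabetic one.
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a, b):
    """Compare 'version-release' strings: version first, then release."""
    va, _, ra = a.partition("-")
    vb, _, rb = b.partition("-")
    return vercmp(va, vb) or vercmp(ra, rb)

def is_fixed(rhl_release, installed):
    """True when the installed wu-ftpd is at or above the advisory's package."""
    return evr_cmp(installed, FIXED[rhl_release]) >= 0

# Constructed inventory: (host, Red Hat Linux release, output of
# rpm -q --qf '%{VERSION}-%{RELEASE}' wu-ftpd). Hosts and old versions are made up.
INVENTORY = [
    ("ftp1", "6.2", "2.6.0-14.6x"),
    ("ftp2", "7.1", "2.6.1-16.7x.1"),
    ("ftp3", "7.2", "2.6.1-18"),
]

def needs_update(inventory):
    """Hosts whose wu-ftpd is older than the advisory's fixed package."""
    return [host for host, rel, evr in inventory if not is_fixed(rel, evr)]
```
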