Date: Thu, 9 Sep 1999 06:28:43 -0700
From: "Ron 'The InSaNe One' Rosson" <insane@lunatic.oneinsane.net>
To: Bill Fink <bill@billfink.com>
Cc: freebsd-security@freebsd.org
Subject: Re: FTP Vulnerability
Message-ID: <19990909062843.A590@lunatic.oneinsane.net>
In-Reply-To: <51D35DCFD7B0D21189440040333985C0013853@exchange1.billfink.com.247.64.63.IN-ADDR.ARPA>; from Bill Fink on Thu, Sep 09, 1999 at 09:03:01AM -0400
References: <51D35DCFD7B0D21189440040333985C0013853@exchange1.billfink.com.247.64.63.IN-ADDR.ARPA>
On Thu, 09 Sep 1999, Bill Fink was heard blurting out:
>
> I truly apologize, I trust I'm overlooking something here.
>
> The advisory below states:
>
> >> Upgrade your wu-ftpd or proftpd
> >> ports to the most recent versions
> >> (any version after August 30, 1999
> >> is not impacted by this problem).
>
> I've visited the mirrors for the WUFTP site(s) looking for the versions
> "after August 30" and there's NOTHING newer than MAY.
>

Take a look at the patches in the ports tree for these ports and you will
see the changes.

>
> =============================================================================
> FreeBSD-SA-99:03                                            Security Advisory
>                                                                 FreeBSD, Inc.
>
> Topic:          Two ftp daemons in ports vulnerable to attack.
>
> Category:       ports
> Module:         wu-ftpd and proftpd
> Announced:      1999-09-05
> Affects:        FreeBSD 3.2 (and earlier)
>                 FreeBSD-current before the correction date.
> Corrected:      FreeBSD-3.3 RELEASE
>                 FreeBSD-current as of 1999/08/30
> FreeBSD only:   NO
>
> Patches:        NONE
>
> I.   Background
>
> wuftpd and proftpd have a flaw which can lead to a remote root
> compromise.  They are both vulnerable since they are both based on a
> code base that is vulnerable.
>
> II.  Problem Description
>
> Remote users can gain root via a buffer overflow.
>
> III. Impact
>
> Remote users can gain root.
>
> IV.  Workaround
>
> Disable the ftp daemon until you can upgrade your system.
>
> V.   Solution
>
> Upgrade your wu-ftpd or proftpd ports to the most recent versions (any
> version after August 30, 1999 is not impacted by this problem).  If
> you are running non-port versions, you should verify that your version
> is not vulnerable or upgrade to using the ports version of these
> programs.
>
> =============================================================================
> FreeBSD, Inc.
>
> Web Site:                       http://www.freebsd.org/
> Confidential contacts:          security-officer@freebsd.org
> Security notifications:         security-notifications@freebsd.org
> Security public discussion:     freebsd-security@freebsd.org
> PGP Key:                        ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc
>
> Notice: Any patches in this document may not apply cleanly due to
>         modifications caused by digital signature or mailer software.
>         Please reference the URL listed at the top of this document
>         for original copies of all patches if necessary.
> =============================================================================
>

--
-------------------------------------------------------------------
Ron Rosson                            ... and a UNIX user said ...
The InSaNe One                                rm -rf *
insane@oneinsane.net                   and all was null and void
-------------------------------------------------------------------
Practice random acts of intelligence and senseless acts of self-control.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
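The advisory's workaround (section IV, disable the ftp daemon until you can upgrade) carried out on a FreeBSD 3.x host where ftpd is started from inetd, as an added example that is not part of the original thread or of the advisory. The inetd.conf contents below are constructed for illustration; the path /etc/inetd.conf, the /var/run/inetd.pid file and the SIGHUP that makes inetd re-read its configuration are the standard mechanism on FreeBSD of that era, and the /usr/local/libexec/ftpd path for a ports-installed wu-ftpd is an assumption.

```shell
#!/bin/sh
# Added example: disable the ftp service in an inetd.conf so that neither
# wu-ftpd nor proftpd is reachable until the port is upgraded.  Only the
# "ftp" service line is touched; other services stay as they were.

# ftp_enabled FILE: exit 0 if FILE has an uncommented line whose first
# field is exactly "ftp" (the inetd service name), exit 1 otherwise.
ftp_enabled() {
    grep -Eq '^[[:space:]]*ftp[[:space:]]' "$1"
}

# disable_ftp FILE: comment out every active ftp line in FILE, in place.
# A leading '#' is inserted; the rest of the line is preserved so the
# service can be re-enabled later by removing that '#'.
disable_ftp() {
    sed -e 's/^\([[:space:]]*ftp[[:space:]]\)/#\1/' "$1" > "$1.tmp" \
        && mv "$1.tmp" "$1"
}

# Constructed sample inetd.conf (not a real host's file).  The ftp line
# points at a ports-installed wu-ftpd; that path is an assumption.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
# constructed sample inetd.conf
ftp     stream  tcp     nowait  root    /usr/local/libexec/ftpd  ftpd -l
telnet  stream  tcp     nowait  root    /usr/libexec/telnetd     telnetd
#ftp    stream  tcp6    nowait  root    /usr/libexec/ftpd        ftpd -l
EOF

if ftp_enabled "$SAMPLE"; then
    disable_ftp "$SAMPLE"
    echo "ftp disabled in $SAMPLE"
fi

# On the real host the same two steps are run against /etc/inetd.conf,
# followed by a SIGHUP so inetd stops listening on port 21:
#   disable_ftp /etc/inetd.conf && kill -HUP "$(cat /var/run/inetd.pid)"
```

Once inetd has been signalled, an ftp connection to the host is refused rather than answered by the vulnerable daemon, which is the state the advisory wants until the upgraded port is built. The changes Ron points to live in the port's files/ directory of the ports tree (patch-* files next to the port's Makefile), which is where to confirm that the installed build actually carries the post-August-30 fix.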
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990909062843.A590>