Red Hat Security Advisory: Another buffer overflow in wu-ftpd is fixed | Linux Today

Written By
Web Webster
Aug 26, 1999

“An exploitable buffer overflow security problem in the wu-ftpd
daemon has been fixed.

“The previous errata for wu-ftpd did not update /var/run/utmp
correctly when a session was disconnected. This problem manifested
itself as last displaying connections that had terminated as still
active.

“A minor and obscure problem with members not in a configured
class being permitted to login on the second attempt has been
fixed.”


Date: Wed, 25 Aug 1999 20:21:23 -0400
From: Jeff Johnson @redhat.com
Reply-To: redhat-watch-list@redhat.com


Red Hat, Inc. Security Advisory

Synopsis: Another buffer overflow in wu-ftpd is fixed
Advisory ID: RHSA-1999:031-01
Issue date: 1999-08-25
Keywords: wu-ftpd buffer overflow


1. Topic:

New packages of wu-ftpd are available for all Red Hat Linux
platforms. This version includes an important security fix as well
as fixes for all known problems in wu-ftpd at this time.

2. Bug IDs fixed:

1599 3482 3866

3. Relevant releases/architectures:

Red Hat Linux 6.0, all architectures

Red Hat Linux 5.x, all architectures

Red Hat Linux 4.x, all architectures

4. Obsoleted by:

5. Conflicts with:

6. RPMs required:

Red Hat Linux 6.0:

Intel:
ftp://updates.redhat.com/6.0/i386/wu-ftpd-2.5.0-5.6.0.i386.rpm

Alpha:
ftp://updates.redhat.com/6.0/alpha/wu-ftpd-2.5.0-5.6.0.alpha.rpm

Sparc:
ftp://updates.redhat.com/6.0/sparc/wu-ftpd-2.5.0-5.6.0.sparc.rpm

Source:
ftp://updates.redhat.com/6.0/SRPMS/wu-ftpd-2.5.0-5.6.0.src.rpm

Red Hat Linux 5.x:

Intel:
ftp://updates.redhat.com/5.2/i386/wu-ftpd-2.5.0-5.5.x.i386.rpm

Alpha:
ftp://updates.redhat.com/5.2/alpha/wu-ftpd-2.5.0-5.5.x.alpha.rpm

Sparc:
ftp://updates.redhat.com/5.2/sparc/wu-ftpd-2.5.0-5.5.x.sparc.rpm

Source:
ftp://updates.redhat.com/5.2/SRPMS/wu-ftpd-2.5.0-5.5.x.src.rpm

Red Hat Linux 4.x:

Intel:
ftp://updates.redhat.com/4.2/i386/wu-ftpd-2.5.0-5.4.x.i386.rpm

Alpha:
ftp://updates.redhat.com/4.2/alpha/wu-ftpd-2.5.0-5.4.x.alpha.rpm

Sparc:
ftp://updates.redhat.com/4.2/sparc/wu-ftpd-2.5.0-5.4.x.sparc.rpm

Source:
ftp://updates.redhat.com/4.2/SRPMS/wu-ftpd-2.5.0-5.4.x.src.rpm

7. Problem description:

An exploitable buffer overflow security problem in the wu-ftpd
daemon has been fixed.

The previous errata for wu-ftpd did not update /var/run/utmp
correctly when a session was disconnected. This problem manifested
itself as last displaying connections that had terminated as still
active.

A minor and obscure problem with members not in a configured
class being permitted to login on the second attempt has been
fixed.

Thanks go to Gregory A. Lundberg of the WU-FTPD Development
Group for supplying the patches.

8. Solution:

For each RPM for your particular architecture, run:

rpm -Uvh <filename>

where filename is the name of the RPM.

9. Verification:

These packages are PGP signed by Red Hat Inc. for security. Our
key is available at:

http://www.redhat.com/corp/contact.html

You can verify each package with the following command:

rpm --checksig <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the md5sum with the
following command:

rpm --checksig --nopgp <filename>
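
Sections 8 and 9 together describe a verify-then-install procedure. As an added example (not part of the advisory and not Red Hat's tooling), the function below checks downloaded packages against a checksum manifest before `rpm -Uvh` is run. The manifest layout `<md5>  <release>/<arch>/<file>.rpm`, the flat download directory, and the names `verify_rpms` and `demo` are assumptions.

```shell
#!/bin/sh
# Added example (not Red Hat's script): check downloads before `rpm -Uvh`.
# verify_rpms MANIFEST DIR PREFIX
#   MANIFEST  lines "<md5>  <release>/<arch>/<file>.rpm" (assumed layout)
#   DIR       flat directory holding the downloaded packages
#   PREFIX    release/arch to select, e.g. "6.0/i386/"
# Returns 0 only if at least one package is selected and all of them match.
verify_rpms() {
    manifest=$1; dir=$2; prefix=$3
    bad=0; seen=0
    while read -r want path || [ -n "$want" ]; do
        case $path in
            "$prefix"*) ;;          # entry for the requested release/arch
            *) continue ;;
        esac
        seen=$((seen + 1))
        file=$dir/${path##*/}       # mirror path -> local basename
        if [ ! -f "$file" ]; then
            echo "MISSING  $path" >&2; bad=1; continue
        fi
        want=$(printf '%s' "$want" | tr 'A-F' 'a-f')
        got=$(md5sum < "$file" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            echo "OK       $path"
        else
            echo "MISMATCH $path" >&2; bad=1
        fi
    done < "$manifest"
    # An empty selection (typo in PREFIX) must not count as success.
    [ "$seen" -gt 0 ] && [ "$bad" -eq 0 ]
}

# Constructed demo: a fake "package" checked before and after it is altered.
demo() {
    t=$(mktemp -d) && mkdir "$t/dl" || return 2
    printf 'constructed-a' > "$t/dl/a-1.0.i386.rpm"
    sum=$(md5sum < "$t/dl/a-1.0.i386.rpm" | cut -d' ' -f1)
    printf '%s  6.0/i386/a-1.0.i386.rpm\n' "$sum" > "$t/manifest"
    verify_rpms "$t/manifest" "$t/dl" 6.0/i386/ >/dev/null 2>&1 && before=0 || before=1
    printf 'x' >> "$t/dl/a-1.0.i386.rpm"    # simulate a corrupted download
    verify_rpms "$t/manifest" "$t/dl" 6.0/i386/ >/dev/null 2>&1 && after=0 || after=1
    rm -rf "$t"
    echo "$before $after"
}

# The checksum only shows that a file matches the manifest; the signature
# check ties it to the vendor key. Install only after both pass:
#   verify_rpms manifest.txt ./dl 6.0/i386/ && rpm --checksig ./dl/*.rpm &&
#       rpm -Uvh ./dl/*.rpm
```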

10. References:
