
wu-ftpd contains exploitable vulnerability

Pieter Nieuwenhuijsen has
posted to BUGTRAQ an exploit for a security bug in
the wu-ftpd [beta-18] that is shipped with Red Hat Linux 5.2, and
possibly other distributions.

Here is the comment section at the beginning of "duke"'s exploit:

THIS IS PRIVATE! DO NOT DISTRIBUTE!!!!   PRIVATE!

WU-FTPD REMOTE EXPLOIT Version wu-2.4.2-academ[BETA-18](1)
for linux x86 (redhat 5.2)

by duke
duke@viper.net.au

BIG thanks to stran9er for alot of help with part of the shellcode!
i fear stran9er, but who doesn't? !@$ :)

Greets to: #!ADM, el8.org users,

To exploit this remotely they need to have a directory you can 
have write privlidges to.. this is the <dir> argument.. you can
also use this locally by specifying -l <ur login> -p <urpass> with the
<dir> = your home directory or something..(must begin with '/')
also alignment arg is how return address  is aligned.. shouldnt need it,
but if u do it should be between 0 and 3 

It takes about 10 seconds after "logged in" so be patient.
-duke

Per his request, we will not distribute the exploit here on
Linux Today. Please take appropriate security measures at your
site.
