[280] in linux-security and linux-alert archive
Re: Exploit for Linux wu.ftpd hole [Forwarded e-mail from Stan Barber]
daemon@ATHENA.MIT.EDU (Jeff Uphoff)
Fri Jul 7 12:08:29 1995
Date: Fri, 7 Jul 1995 11:43:13 -0400
From: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
To: linux-security@tarsier.cv.nrao.edu
This appeared on bugtraq and I think that it may be of general interest
here in view of our recent alert on wu-ftpd and the widespread use of
insecure wu-ftpd's within the Linux community. I'm sure they would
appreciate all *valid* security critiques that you can provide.
--Up.
P.S. I have received several requests for the bugtraq list address. The
address of the list appears in the mail headers below--but please note
that the administrative address is "LISTSERV@NETSPACE.ORG"--please do
not send administrative commands (help, subscribe, etc.) to the bugtraq
address. Send a message containing the word "help" in the body to the
Netspace address for further information. The server there is a
LISTSERV, vice a Majordomo, so things work differently than on the Linux
security lists.
------- start of forwarded message (RFC 934 encapsulation) -------
From: Stan Barber <sob@academ.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
Subject: Re: Exploit for Linux wu.ftpd hole
Date: Wed, 5 Jul 1995 17:46:17 CDT
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
I have been working with folks on the wu-ftpd list to create a new release
of wu-ftpd-2.4 that has many bugs fixed (including the bug fixes from
Hobbit). We are in BETA4 and BETA5 will be out soon, but the BETA
release are mostly addressing smaller problems now. I expect to have
a "release" version by the middle of this month.
If you want to see if there are still open security problems, please do.
Here is the URL for the beta:
ftp://ftp.academ.com/pub/wu-ftpd/private/wu-ftpd-2.4.2-beta-4.tar
Report problems/bugs to "wu-ftpd@academ.com" and join the wu-ftpd list
at Washington University if you want get involved.
Note: This version has been tested on Linux 1.2.8 as well as other platforms.
- --
Stan | Academ Consulting Services |internet: sob@academ.com
Olan | For more info on academ, see this |uucp: bcm!academ!sob
Barber | URL- http://www.academ.com/academ |Opinions expressed are only mine.
------- end -------
