[12320] in bugtraq


Re: CERT Advisory CA-99.13 - Multiple Vulnerabilities in WU-FTPD

daemon@ATHENA.MIT.EDU (Gregory A Lundberg)
Fri Oct 22 13:33:13 1999

Mail-Followup-To: Richard Trott <trott@SLOWPOISONERS.COM>,
                  BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id:  <19991021200045.I18047@vr.net>
Date:         Thu, 21 Oct 1999 20:00:47 -0400
Reply-To: Gregory A Lundberg <lundberg@VR.NET>
From: Gregory A Lundberg <lundberg@VR.NET>
X-To:         Richard Trott <trott@SLOWPOISONERS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <Pine.BSO.4.10.9910201511280.26798-100000@www>; from Richard
              Trott on Wed, Oct 20, 1999 at 03:16:51PM -0700

On Wed, Oct 20, 1999 at 03:16:51PM -0700, Richard Trott wrote:

> > WU-FTPD and BeroFTPD
> >
> >    Vulnerability #1:
> >
> >    Not vulnerable:
> >           versions 2.4.2 and all betas and earlier versions
> >           Vulnerable:
> >           wu-ftpd-2.4.2-beta-18-vr4 through wu-ftpd-2.4.2-beta-18-vr15
> >           wu-ftpd-2.4.2-vr16 and wu-ftpd-2.4.2-vr17
> >           wu-ftpd-2.5.0
> >           BeroFTPD, all versions
>
> CERT appears to have left out wu-ftpd-2.6.0 (although they included it in
> the lists for the other two vulnerabilities).
>
> Version 2.6.0 does *not* have the "MAPPING_CHDIR Buffer Overflow"
> vulnerability, at least if the ANNOUNCE-RELEASE file for that version is
> to be believed.  It reads, in part:
>
> "Corrected an error in the MAPPING_CHDIR feature which could be used to
> gain root privileges on the server."
>
> Presumably, this refers to this vulnerability.

Mea culpa.

--

Gregory A Lundberg              Senior Partner, VRnet Company
1441 Elmdale Drive              lundberg@vr.net
Kettering, OH 45409-1615 USA    1-800-809-2195
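The version lists in the quoted advisory text are easy to misread by hand, as this exchange shows. The following is an added example (not code from CERT, the wu-ftpd project, or VRnet) that parses version strings in the form used above ("wu-ftpd-2.4.2-beta-18-vr4", "wu-ftpd-2.5.0") and classifies them against the Vulnerability #1 list as quoted, treating 2.6.0 as not vulnerable per the correction in this reply. The function names, the "unknown" result for builds the list does not mention, and the sample inputs are this example's own assumptions.

```python
import re

# Added example: check a wu-ftpd / BeroFTPD version string against the
# Vulnerability #1 ("MAPPING_CHDIR Buffer Overflow") list quoted above.
# Ranges are transcribed from the quoted advisory text; wu-ftpd-2.6.0 is
# treated as not vulnerable, following the correction in this reply.
# Not code from CERT, the wu-ftpd project or VRnet.

VERSION_RE = re.compile(
    r"^(?P<product>wu-ftpd|beroftpd)-"
    r"(?P<major>\d+)\.(?P<minor>\d+)\.(?P<patch>\d+)"
    r"(?:-beta-(?P<beta>\d+))?"        # e.g. -beta-18
    r"(?:-vr(?P<vr>\d+))?$",           # e.g. -vr4 (VRnet patch level)
    re.IGNORECASE,
)


def parse_version(text):
    """Split 'wu-ftpd-2.4.2-beta-18-vr4' into product, release, beta, vr."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError("unrecognised version string: %r" % text)
    return {
        "product": m.group("product").lower(),
        "release": (int(m.group("major")), int(m.group("minor")), int(m.group("patch"))),
        "beta": int(m.group("beta")) if m.group("beta") else None,
        "vr": int(m.group("vr")) if m.group("vr") else None,
    }


def mapping_chdir_status(text):
    """Return 'vulnerable', 'not vulnerable' or 'unknown' for Vulnerability #1.

    'unknown' is returned for builds the quoted list does not mention
    (e.g. 2.4.2-beta-18-vr3 or anything newer than 2.6.0) rather than
    guessing either way.
    """
    v = parse_version(text)
    if v["product"] == "beroftpd":
        return "vulnerable"                      # "BeroFTPD, all versions"
    rel, beta, vr = v["release"], v["beta"], v["vr"]
    if rel == (2, 4, 2) and vr is not None:
        # wu-ftpd-2.4.2-beta-18-vr4 through -vr15, and 2.4.2-vr16, -vr17
        if (beta == 18 and 4 <= vr <= 15) or (beta is None and vr in (16, 17)):
            return "vulnerable"
    if rel == (2, 5, 0) and beta is None and vr is None:
        return "vulnerable"                      # wu-ftpd-2.5.0
    if rel < (2, 4, 2) or (rel == (2, 4, 2) and vr is None):
        return "not vulnerable"                  # 2.4.2, all its betas, and earlier
    if rel == (2, 6, 0) and beta is None and vr is None:
        return "not vulnerable"                  # per this reply / ANNOUNCE-RELEASE
    return "unknown"


if __name__ == "__main__":
    # Constructed sample inputs, taken from the strings quoted above plus a
    # few edge cases; "beroftpd-1.0.0" is a made-up version string.
    for s in ("wu-ftpd-2.4.2-beta-18-vr4", "wu-ftpd-2.4.2-vr17", "wu-ftpd-2.5.0",
              "wu-ftpd-2.4.2", "wu-ftpd-2.6.0", "wu-ftpd-2.4.2-beta-18-vr3",
              "beroftpd-1.0.0"):
        print("%-28s %s" % (s, mapping_chdir_status(s)))
```

The point of the explicit "unknown" branch is the one this thread illustrates: an advisory's version list is a closed enumeration, and anything it does not name (here, 2.6.0 before the correction) should be reported as unlisted rather than silently filed under either column.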
