Wu-ftpd Buffer Overflow Vulnerability

[Giorgius]

N-132: Wu-ftpd Buffer Overflow Vulnerability
[Red Hat Security Advisory RHSA-2003:245-15]
July 31, 2003 18:00 GMT
[Revised 13 Aug 2003]
[Revised 14 Aug 2003]
[Revised 5 Sept 2003]
[Revised 8 Oct 2003]

PROBLEM: A buffer overflow vulnerability exists in wu-ftpd versions 2.6.2 and earlier. WU-FTPD is a popular ftp daemon used on the Internet, and on many anonymous ftp sites all around the world.
PLATFORM: Red Hat:
Linux 7.1, Linux 7.1 for iSeries, Linux 7.1 for pSeries, Linux 7.2, Linux 7.3, Linux 8.0
Sun:
Solaris 9, Sun Linux 5.0
Hewlett Packard:
B.11.22, B.11.11, and B.11.00 running wu-ftpd
B.11.00 and B.11.11 web

OTHER PLATFORMS WILL BE ADDED WHEN VENDOR BULLETINS ARE RELEASED.
DAMAGE: Successful exploitation could cause a buffer overflow and allow for an increase in privileges. Denial of service attacks may be possible.
SOLUTION: Install updated wu-ftpd packages from Red Hat or obtain the realpath.patch from the WU-FTPD Development Group web site.

VULNERABILITY
ASSESSMENT: The risk is HIGH. A remote attacker could gain root privileges
http://www.ciac.org/ciac/bulletins/n-132.shtml