Test ID:	1.3.6.1.4.1.25623.1.0.51449
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLA-2003:715
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory CLA-2003:715. wu-ftpd is one of the ftp servers available in Conectiva Linux and several other linux distributions. Janusz Niewiadomski and Wojciech Purczynski of iSEC Security Research have found[1] a off-by-one buffer overflow vulnerability in the fb_realpath() function, which handles filename paths in wu-ftpd. The vulnerability can be exploited by a remote attacker who can log in to the vulnerable server (with any account, including an anonymous one if available) to execute arbitrary code with the privileges of the root user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0466 to this issue[2]. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0466 http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:715 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	BugTraq ID: 8315 Common Vulnerability Exposure (CVE) ID: CVE-2003-0466 http://www.securityfocus.com/bid/8315 Bugtraq: 20030731 wu-ftpd fb_realpath() off-by-one bug (Google Search) http://marc.info/?l=bugtraq&m=105967301604815&w=2 Bugtraq: 20030804 Off-by-one Buffer Overflow Vulnerability in BSD libc realpath(3) (Google Search) http://marc.info/?l=bugtraq&m=106002488209129&w=2 Bugtraq: 20030804 wu-ftpd-2.6.2 off-by-one remote exploit. (Google Search) http://marc.info/?l=bugtraq&m=106001702232325&w=2 Bugtraq: 20060213 Latest wu-ftpd exploit :-s (Google Search) http://www.securityfocus.com/archive/1/424852/100/0/threaded Bugtraq: 20060214 Re: Latest wu-ftpd exploit :-s (Google Search) http://www.securityfocus.com/archive/1/425061/100/0/threaded CERT/CC vulnerability note: VU#743092 http://www.kb.cert.org/vuls/id/743092 Debian Security Information: DSA-357 (Google Search) http://www.debian.org/security/2003/dsa-357 FreeBSD Security Advisory: FreeBSD-SA-03:08 http://marc.info/?l=bugtraq&m=106001410028809&w=2 HPdes Security Advisory: SSRT3606 Immunix Linux Advisory: IMNX-2003-7+-019-01 http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01 http://www.mandriva.com/security/advisories?name=MDKSA-2003:080 http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt NETBSD Security Advisory: NetBSD-SA2003-011.txt.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc http://www.osvdb.org/6602 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1970 http://www.redhat.com/support/errata/RHSA-2003-245.html http://www.redhat.com/support/errata/RHSA-2003-246.html SCO Security Bulletin: CSSA-2003-SCO.20 http://securitytracker.com/id?1007380 http://secunia.com/advisories/9423 http://secunia.com/advisories/9446 http://secunia.com/advisories/9447 http://secunia.com/advisories/9535 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1 SuSE Security Announcement: SuSE-SA:2003:032 (Google Search) http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html TurboLinux Advisory: TLSA-2003-46 http://www.turbolinux.com/security/TLSA-2003-46.txt http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html XForce ISS Database: libc-realpath-offbyone-bo(12785) https://exchange.xforce.ibmcloud.com/vulnerabilities/12785
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.