
Test ID: 1.3.6.1.4.1.25623.1.0.51449
Category: Conectiva Local Security Checks
Title: Conectiva Security Advisory CLA-2003:715
Summary: Conectiva Security Advisory CLA-2003:715
Description:
The remote host is missing updates announced in
advisory CLA-2003:715.

wu-ftpd is one of the FTP servers available in Conectiva Linux and
several other Linux distributions.

Janusz Niewiadomski and Wojciech Purczynski of iSEC Security Research
have found[1] an off-by-one buffer overflow vulnerability in the
fb_realpath() function, which handles filename paths in wu-ftpd. The
vulnerability can be exploited by a remote attacker who can log in to
the vulnerable server (with any account, including an anonymous one
if available) to execute arbitrary code with the privileges of the
root user.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2003-0466 to this issue[2].


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'.

http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0466
http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:715
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003

Risk factor: Critical
Cross-Ref: BugTraq ID: 8315
Common Vulnerability Exposure (CVE) ID: CVE-2003-0466
Bugtraq: 20030731 wu-ftpd fb_realpath() off-by-one bug
http://marc.theaimsgroup.com/?l=bugtraq&m=105967301604815&w=2
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html
http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt
Bugtraq: 20030804 Off-by-one Buffer Overflow Vulnerability in BSD libc realpath(3)
http://marc.theaimsgroup.com/?l=bugtraq&m=106002488209129&w=2
Bugtraq: 20030804 wu-ftpd-2.6.2 off-by-one remote exploit.
http://marc.theaimsgroup.com/?l=bugtraq&m=106001702232325&w=2
http://www.redhat.com/support/errata/RHSA-2003-245.html
http://www.redhat.com/support/errata/RHSA-2003-246.html
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1
SuSE Security Announcement: SuSE-SA:2003:032
http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html
http://www.mandriva.com/security/advisories?name=MDKSA-2003:080
Debian Security Information: DSA-357
http://www.debian.org/security/2003/dsa-357
FreeBSD Security Advisory: FreeBSD-SA-03:08
http://marc.theaimsgroup.com/?l=bugtraq&m=106001410028809&w=2
NETBSD Security Advisory: NetBSD-SA2003-011.txt.asc
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc
TurboLinux Advisory: TLSA-2003-46
http://www.turbolinux.com/security/TLSA-2003-46.txt
Immunix Linux Advisory: IMNX-2003-7+-019-01
http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01
HPdes Security Advisory: SSRT3606
SCO Security Bulletin: CSSA-2003-SCO.20
Bugtraq: 20060213 Latest wu-ftpd exploit :-s
http://www.securityfocus.com/archive/1/424852/100/0/threaded
Bugtraq: 20060214 Re: Latest wu-ftpd exploit :-s
http://www.securityfocus.com/archive/1/425061/100/0/threaded
CERT/CC vulnerability note: VU#743092
http://www.kb.cert.org/vuls/id/743092
http://www.securityfocus.com/bid/8315
http://www.osvdb.org/6602
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1970
http://securitytracker.com/id?1007380
http://secunia.com/advisories/9423
http://secunia.com/advisories/9446
http://secunia.com/advisories/9447
http://secunia.com/advisories/9535
XForce ISS Database: libc-realpath-offbyone-bo(12785)
http://xforce.iss.net/xforce/xfdb/12785
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

© 1998-2014 E-Soft Inc. All rights reserved.