Conectiva Local Security Checks : Conectiva Security Advisory CLA-2003:715

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.51449

Category: Conectiva Local Security Checks

Title: Conectiva Security Advisory CLA-2003:715

Summary: Conectiva Security Advisory CLA-2003:715

Description:
The remote host is missing updates announced in
advisory CLA-2003:715.

wu-ftpd is one of the ftp servers available in Conectiva Linux and
several other linux distributions.

Janusz Niewiadomski and Wojciech Purczynski of iSEC Security Research
have found[1] a off-by-one buffer overflow vulnerability in the
fb_realpath() function, which handles filename paths in wu-ftpd. The
vulnerability can be exploited by a remote attacker who can log in to
the vulnerable server (with any account, including an anonymous one
if available) to execute arbitrary code with the privileges of the
root user.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2003-0466 to this issue[2].

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0466
http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:715
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003

Risk factor : Critical

Cross-Ref: BugTraq ID: 8315
Common Vulnerability Exposure (CVE) ID: CVE-2003-0466
Bugtraq: 20030731 wu-ftpd fb_realpath() off-by-one bug (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=105967301604815&w=2
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html
http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt
Bugtraq: 20030804 Off-by-one Buffer Overflow Vulnerability in BSD libc realpath(3) (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=106002488209129&w=2
Bugtraq: 20030804 wu-ftpd-2.6.2 off-by-one remote exploit. (Google Search)
http://marc.theaimsgroup.com/?l=bugtraq&m=106001702232325&w=2
http://www.redhat.com/support/errata/RHSA-2003-245.html
http://www.redhat.com/support/errata/RHSA-2003-246.html
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1
SuSE Security Announcement: SuSE-SA:2003:032 (Google Search)
http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html
http://www.mandriva.com/security/advisories?name=MDKSA-2003:080
Debian Security Information: DSA-357 (Google Search)
http://www.debian.org/security/2003/dsa-357
FreeBSD Security Advisory: FreeBSD-SA-03:08
http://marc.theaimsgroup.com/?l=bugtraq&m=106001410028809&w=2
NETBSD Security Advisory: NetBSD-SA2003-011.txt.asc
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc
TurboLinux Advisory: TLSA-2003-46
http://www.turbolinux.com/security/TLSA-2003-46.txt
Immunix Linux Advisory: IMNX-2003-7+-019-01
http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01
HPdes Security Advisory: SSRT3606
SCO Security Bulletin: CSSA-2003-SCO.20
Bugtraq: 20060213 Latest wu-ftpd exploit :-s (Google Search)
http://www.securityfocus.com/archive/1/424852/100/0/threaded
Bugtraq: 20060214 Re: Latest wu-ftpd exploit :-s (Google Search)
http://www.securityfocus.com/archive/1/425061/100/0/threaded
CERT/CC vulnerability note: VU#743092
http://www.kb.cert.org/vuls/id/743092
http://www.securityfocus.com/bid/8315
http://www.osvdb.org/6602
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1970
http://securitytracker.com/id?1007380
http://secunia.com/advisories/9423
http://secunia.com/advisories/9446
http://secunia.com/advisories/9447
http://secunia.com/advisories/9535
XForce ISS Database: libc-realpath-offbyone-bo(12785)
http://xforce.iss.net/xforce/xfdb/12785

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.51449
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLA-2003:715
Summary:	Conectiva Security Advisory CLA-2003:715
Description:	The remote host is missing updates announced in advisory CLA-2003:715. wu-ftpd is one of the ftp servers available in Conectiva Linux and several other linux distributions. Janusz Niewiadomski and Wojciech Purczynski of iSEC Security Research have found[1] a off-by-one buffer overflow vulnerability in the fb_realpath() function, which handles filename paths in wu-ftpd. The vulnerability can be exploited by a remote attacker who can log in to the vulnerable server (with any account, including an anonymous one if available) to execute arbitrary code with the privileges of the root user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2003-0466 to this issue[2]. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0466 http://www.securityspace.com/smysecure/catid.html?in=CLA-2003:715 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002003 Risk factor : Critical
Cross-Ref:	BugTraq ID: 8315 Common Vulnerability Exposure (CVE) ID: CVE-2003-0466 Bugtraq: 20030731 wu-ftpd fb_realpath() off-by-one bug (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=105967301604815&w=2 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt Bugtraq: 20030804 Off-by-one Buffer Overflow Vulnerability in BSD libc realpath(3) (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=106002488209129&w=2 Bugtraq: 20030804 wu-ftpd-2.6.2 off-by-one remote exploit. (Google Search) http://marc.theaimsgroup.com/?l=bugtraq&m=106001702232325&w=2 http://www.redhat.com/support/errata/RHSA-2003-245.html http://www.redhat.com/support/errata/RHSA-2003-246.html http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1 SuSE Security Announcement: SuSE-SA:2003:032 (Google Search) http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html http://www.mandriva.com/security/advisories?name=MDKSA-2003:080 Debian Security Information: DSA-357 (Google Search) http://www.debian.org/security/2003/dsa-357 FreeBSD Security Advisory: FreeBSD-SA-03:08 http://marc.theaimsgroup.com/?l=bugtraq&m=106001410028809&w=2 NETBSD Security Advisory: NetBSD-SA2003-011.txt.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc TurboLinux Advisory: TLSA-2003-46 http://www.turbolinux.com/security/TLSA-2003-46.txt Immunix Linux Advisory: IMNX-2003-7+-019-01 http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01 HPdes Security Advisory: SSRT3606 SCO Security Bulletin: CSSA-2003-SCO.20 Bugtraq: 20060213 Latest wu-ftpd exploit :-s (Google Search) http://www.securityfocus.com/archive/1/424852/100/0/threaded Bugtraq: 20060214 Re: Latest wu-ftpd exploit :-s (Google Search) http://www.securityfocus.com/archive/1/425061/100/0/threaded CERT/CC vulnerability note: VU#743092 http://www.kb.cert.org/vuls/id/743092 http://www.securityfocus.com/bid/8315 http://www.osvdb.org/6602 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1970 http://securitytracker.com/id?1007380 http://secunia.com/advisories/9423 http://secunia.com/advisories/9446 http://secunia.com/advisories/9447 http://secunia.com/advisories/9535 XForce ISS Database: libc-realpath-offbyone-bo(12785) http://xforce.iss.net/xforce/xfdb/12785
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com