-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
AUSCERT External Security Bulletin Redistribution

ESB-2001.504 -- Caldera International, Inc. Security Advisory
Vulnerability in wu-ftpd
29 November 2001
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:            wu-ftpd previous to 2.6.1-13
Vendor:             Caldera International
Operating System:   OpenLinux 2.3
                    OpenLinux eServer 2.3.1
                    OpenLinux eBuilder
                    OpenLinux eDesktop 2.4
                    OpenLinux Server 3.1
                    OpenLinux Workstation 3.1
Platform:           i386
Impact:             Root Compromise
Access Required:    Remote

Ref:                AA-2001.05

- --------------------------BEGIN INCLUDED TEXT--------------------

______________________________________________________________________________

                   Caldera International, Inc. Security Advisory

Subject:                Linux - Vulnerability in wu-ftpd
Advisory number:        CSSA-2001-041.0
Issue date:             2001, November 28
Cross reference:
______________________________________________________________________________

1. Problem Description

   The CoreST team has discovered a vulnerability in wu-ftpd that can be
   exploited to obtain root access to the FTP server.

   We recommend that customers immediately upgrade to the fixed version.
   If you do not need FTP service, remove the package.

2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux 2.3                All packages previous to
                                wu-ftpd-2.6.1-13OL

   OpenLinux eServer 2.3.1      All packages previous to
   and OpenLinux eBuilder       wu-ftpd-2.6.1-13OL

   OpenLinux eDesktop 2.4       All packages previous to
                                wu-ftpd-2.6.1-13OL

   OpenLinux Server 3.1         All packages previous to
                                wu-ftpd-2.6.1-13

   OpenLinux Workstation 3.1    not vulnerable

3. Solution

   Workaround

   If you do not need wu-ftpd installed, remove it by running the
   following command as root:

      rpm -e wu-ftpd

   The proper solution is to upgrade to the latest packages.

4. OpenLinux 2.3

   4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

       d6a618f9fe6a3ae99a1c54a405ab169a  RPMS/wu-ftpd-2.6.1-13OL.i386.rpm
       64ee3731783c12da3a5c164acb3ed239  SRPMS/wu-ftpd-2.6.1-13OL.src.rpm

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following command:

       rpm -Fvh wu-ftpd-2.6.1-13OL.i386.rpm

5. OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

       a9396078593fc3e4445d3d691df484be  RPMS/wu-ftpd-2.6.1-13OL.i386.rpm
       64ee3731783c12da3a5c164acb3ed239  SRPMS/wu-ftpd-2.6.1-13OL.src.rpm

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following command:

       rpm -Fvh wu-ftpd-2.6.1-13OL.i386.rpm

6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

       3edfa831ea0d3cc94f3b7a1e1bd49723  RPMS/wu-ftpd-2.6.1-13OL.i386.rpm
       64ee3731783c12da3a5c164acb3ed239  SRPMS/wu-ftpd-2.6.1-13OL.src.rpm

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following command:

       rpm -Fvh wu-ftpd-2.6.1-13OL.i386.rpm

7. OpenLinux 3.1 Server

   7.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS

       The corresponding source code package can be found at:

       ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS

   7.2 Verification

       13e54795ceba03b48c7ac4a9c7616d70  RPMS/wu-ftpd-2.6.1-13.i386.rpm
       a14359f0a93b7e82d20df2c000a81b9a  SRPMS/wu-ftpd-2.6.1-13.src.rpm

   7.3 Installing Fixed Packages

       Upgrade the affected packages with the following command:

       rpm -Fvh wu-ftpd-2.6.1-13.i386.rpm

8. OpenLinux 3.1 Workstation

   not vulnerable

9. References

   This and other Caldera security resources are located at:

   http://www.caldera.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 11023.

10. Disclaimer

   Caldera International, Inc. is not responsible for the misuse of any
   of the information we provide on this website and/or through our
   security advisories. Our advisories are a service to our customers
   intended to promote secure installation and use of Caldera OpenLinux.

11. Acknowledgements

   Caldera wishes to thank Core ST and Ivan Arce for their efforts to
   coordinate the publication of this vulnerability with all affected
   vendors.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the
appropriate person.

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no
control over its content. The decision to use any or all of this
information is the responsibility of each user or organisation, and
should be done so in accordance with site policies and procedures.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the original authors to ensure that the information is still
current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved
from:

        http://www.auscert.org.au/Information/advisories.html

If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for emergencies.
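The upgrade steps in sections 3 to 7 are a download, a checksum comparison and an rpm -Fvh. The script below is an added example, not Caldera's or AusCERT's own tooling: it ties the advisory's listed MD5 sums to the package file for each OpenLinux release and refuses to run rpm -Fvh when the digest does not match. The release keys (OL23, ES231, ED24, S31), the function names and the ADVISORY_APPLY switch are assumptions; the sums and file names come from the advisory.

```shell
#!/bin/sh
# Added example (not part of the advisory): verify a downloaded wu-ftpd
# update against the MD5 sums published in CSSA-2001-041.0 before applying
# it. Release keys and the ADVISORY_APPLY switch are this script's own
# conventions; digests and package names are copied from the advisory.

# Expected "md5 filename" pair per OpenLinux release (binary RPMs only).
expected_sum() {
    case "$1" in
        OL23)  echo "d6a618f9fe6a3ae99a1c54a405ab169a wu-ftpd-2.6.1-13OL.i386.rpm" ;;
        ES231) echo "a9396078593fc3e4445d3d691df484be wu-ftpd-2.6.1-13OL.i386.rpm" ;;
        ED24)  echo "3edfa831ea0d3cc94f3b7a1e1bd49723 wu-ftpd-2.6.1-13OL.i386.rpm" ;;
        S31)   echo "13e54795ceba03b48c7ac4a9c7616d70 wu-ftpd-2.6.1-13.i386.rpm" ;;
        *)     return 1 ;;
    esac
}

# Compare a file's MD5 digest with the expected one. Returns 0 on match,
# 1 on mismatch, 2 if the file cannot be read. The digest list itself is
# only trustworthy because the bulletin carrying it is PGP-signed.
verify_md5() {
    expected="$1"; file="$2"
    [ -r "$file" ] || return 2
    actual=$(md5sum "$file" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# Apply the fix for one release: look up the expected digest, check the
# downloaded RPM in $dir, and only then run the advisory's rpm -Fvh step.
apply_fix() {
    release="$1"; dir="${2:-.}"
    entry=$(expected_sum "$release") || { echo "unknown release: $release" >&2; return 1; }
    sum=${entry%% *}; pkg="$dir/${entry#* }"
    if verify_md5 "$sum" "$pkg"; then
        rpm -Fvh "$pkg"
    else
        echo "MD5 mismatch or unreadable file: $pkg (not installing)" >&2
        return 1
    fi
}

# Usage (as root, in the directory holding the RPM fetched from Caldera):
#   ADVISORY_APPLY=1 sh verify_wuftpd.sh S31
# Without ADVISORY_APPLY=1 the script only defines the functions above.
if [ "${ADVISORY_APPLY:-0}" = "1" ]; then
    apply_fix "${1:-}" "${2:-.}"
fi
```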