WU-FTPD Heap Corruption Vulnerability: Nov 29

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

eddie5659

Thread Starter
Moderator
Malware Specialist
Joined
Mar 19, 2001
Messages
37,298
Hiya

Internet Security Systems (ISS) X-Force has learned of the public
release of a proof of concept exploit for a vulnerability in Washington
University's FTP daemon (WU-FTPD). This FTP daemon is packaged as a part
of many Linux distributions. This vulnerability, which was originally
reported in April 2001, may allow remote attackers who are able to login
to the FTP service to execute arbitrary commands on a target system
without any specific knowledge of that host

Washington University wu-ftpd 2.6.1:
- Caldera OpenLinux Server 3.1, OpenLinux Workstation 3.1
- Cobalt Qube 1.0
- Conectiva Linux 7.0, 6.0
- MandrakeSoft Corporate Server 1.0.1
- MandrakeSoft Mandrake Linux 8.1, 8.0 ppc, 8.0, 7.2, 7.1, 7.0, 6.1, 6.0
- Red Hat Linux 7.2 noarch, 7.2 ia64, 7.2 i686, 7.2 i586, 7.2 i386,
7.2 athlon, 7.2 alpha
- Red Hat Linux 7.1 noarch, 7.1 ia64, 7.1 i686, 7.1 i586, 7.1 i386,
7.1 alpha
- Red Hat Linux 7.0 sparc, 7.0 i386, 7.0 alpha
- Turbolinux TL Workstation 6.1
- Turbolinux 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0
- WireX Immunix OS 7.0-Beta, 7.0

Washington University wu-ftpd 2.6.0:
- Cobalt Qube 1.0
- Conectiva Linux 5.1, 5.0, 4.2, 4.1, 4.0es, 4.0
- Debian Linux 2.2 sparc, 2.2 powerpc, 2.2 arm, 2.2 alpha, 2.2 68k, 2.2
- Red Hat Linux 6.2 sparc, 6.2 i386, 6.2 alpha
- Red Hat Linux 6.1 sparc, 6.1 i386, 6.1 alpha
- Red Hat Linux 6.0 sparc, 6.0 i386, 6.0 alpha
- Red Hat Linux 5.2 sparc, 5.2 i386, 5.2 alpha
- SuSE Linux 6.4ppc, 6.4alpha, 6.4
- SuSE Linux 6.3 ppc, 6.3 alpha, 6.3
- SuSE Linux 6.2
- SuSE Linux 6.1 alpha, 6.1
- Turbolinux 4.0
- WireX Immunix OS 6.2

Washington University wu-ftpd 2.5.0:
- Caldera eDesktop 2.4, eServer 2.3.1, eServer 2.3
- Caldera OpenLinux 2.4, OpenLinux Desktop 2.3
- Red Hat Linux 6.0 sparc, 6.0 i386, 6.0 alpha

http://xforce.iss.net/alerts/advise103.php

Regards

eddie
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top