-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
 Turbolinux Security Advisory TLSA-2004-8
 http://www.turbolinux.co.jp/security/
 security-team@turbolinux.co.jp
--------------------------------------------------------------------------

 Original released date : 30 Mar 2004
 Last revised           : 30 Mar 2004

 Package : wu-ftpd

 Summary : Multiple vulnerabilities in wu-ftpd

 More information :
    Wu-ftpd is the daemon (background) program which serves FTP files
    to ftp clients.

    - wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled,
      allows local users to bypass access restrictions by changing the
      permissions to prevent access to their home directory, which causes
      wu-ftpd to use the root directory instead.

    - Buffer overflow in the skey_challenge function in ftpd.c for
      wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a
      denial of service and possibly execute arbitrary code via a s/key
      (SKEY) request with a long name.

 Impact :
    FTP users may be able to read files that they are not permitted to
    read. The vulnerabilities allow an attacker to cause a denial of
    service of wu-ftpd.

 Affected Products :
    - Turbolinux Advanced Server 6
    - Turbolinux Server 6.1
    - Turbolinux Workstation 6.0

 Solution :
    Please use the turbopkg (zabom) tool to apply the update.
 ---------------------------------------------
 # turbopkg
 or
 # zabom update wu-ftpd
 ---------------------------------------------

 Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/SRPMS/wu-ftpd-2.6.2-4.src.rpm
      368558 68c2ec7979364dd1b3427f72e4338bae

 Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/wu-ftpd-2.6.2-4.i386.rpm
      194109 33571507dd3b3ca040188dad40dafedf

 Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/SRPMS/wu-ftpd-2.6.2-4.src.rpm
      368558 bbbfdcf892b2ed521bc8eb2eb97f4ea9

 Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/wu-ftpd-2.6.2-4.i386.rpm
      193965 81165dc3c00f3011791269f86199b6b4

 Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/SRPMS/wu-ftpd-2.6.2-4.src.rpm
      368558 0a88693eeac7faf5a26c67d89c14e7f2

 Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/wu-ftpd-2.6.2-4.i386.rpm
      193995 73d774853304aa030ae2d6242cb17288

 Notice :
    We confirmed that "CAN-2004-0185" does not affect our products.

 References :

 CVE
   [CAN-2004-0148]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0148
   [CAN-2004-0185]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0185

--------------------------------------------------------------------------
 Revision History
    30 Mar 2004 Initial release
--------------------------------------------------------------------------

 Copyright(C) 2004 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAaSFBK0LzjOqIJMwRAp9BAJsGM17V3gE/K4mSWh1wkPUAbEI34gCeI52Q
OVa4fIsj/qVjEQg749xrk8M=
=iJcy
-----END PGP SIGNATURE-----