|
|
Info |
Last Modified |
| 6 months ago |
|
|
|
|
Description |
A remote overflow exists in wu-ftpd. There is a failure to properly check bounds when a MKDIR call is issued resulting in a buffer overflow. With a specially crafted request, an attacker can potentially execute arbitrary code as the user wu-ftpd runs as (usually root) resulting in a loss of integrity, and/or availability.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity,
Loss of Availability
Exploit:
Exploit Unknown
Disclosure:
OSVDB Verified
|
|
Solution |
Upgrade to version 2.4.2-BETA-18-VR10 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
|
|
Products |
|
wu-ftpd
 |
2.0 |
2.1 |
2.2 |
2.3 |
2.4 |
2.4.1 |
2.4.2-BETA-10 |
2.4.2-BETA-11 |
2.4.2-BETA-12 |
2.4.2-BETA-13 |
2.4.2-BETA-2 |
2.4.2-BETA-3 |
2.4.2-BETA-4 |
2.4.2-BETA-5 |
2.4.2-BETA-6 |
2.4.2-BETA-7 |
2.4.2-BETA-8 |
2.4.2-BETA-9 |
2.1x |
2.4.2-BETA-14 |
2.4.2-BETA-15 |
2.4.2-BETA-16 |
2.4.2-BETA-17 |
2.4.2-BETA-17-VR1 |
2.4.2-BETA-17-VR2 |
2.4.2-BETA-18 |
2.4.2-BETA-18-VR3 |
2.4.2-BETA-18-VR4 |
2.4.2-BETA-18-VR5 |
2.4.2-BETA-18-VR6 |
2.4.2-BETA-18-VR7 |
2.4.2-BETA-18-VR8 |
2.4.2-BETA-18-VR9 |
|
|
|
|
|
|
Credit |
- Jordan Ritter - jpr5
 netect.com - Netect, Inc.
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
