|
|
Info |
Last Modified |
| 6 months ago |
|
|
|
|
Description |
A remote overflow exists in wu-ftpd. A SockPrintf call in ftpd.c fails to properly check bounds on a pathname when wu-ftpd is compiled with MAIL_ADMIN enabled resulting in a buffer overflow. With a specially crafted request, an attacker can possibly execute arbitrary code as the user wu-ftpd runs as (usually root) resulting in a loss of integrity, and/or availability.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity,
Loss of Availability
Exploit:
Exploit Unknown
Disclosure:
OSVDB Verified
|
|
Technical |
It should be noted that this vulnerability may not be exploitable on most systems. It relies on creating a very long file name (greater than 32778 bytes), but on many systems, it is not possible to create a file name that long.
|
|
Solution |
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): do not compile wu-ftpd with MAIL_ADMIN defined/enabled (by default, MAIL_ADMIN is not defined).
|
|
Products |
|
wu-ftpd
 |
2.6.1 |
2.6.2 |
2.6.0 |
|
|
|
|
|
|
Credit |
- Adam Zabrocki - pi3ki31ny
 wp.pl - Personal Page
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
