
CSSA-2001-SCO.36.2-wu-ftpd ftpglob() vulnerability

by Nikola Strahija on February 15th, 2002

A vulnerability in the wu-ftpd ftpglob() function was found by the CORE ST team. This vulnerability may be exploited to obtain root access on the ftp server. An nlist with a deeply recursive argument in an ftpd session consumes a very large amount of disk and CPU resources on the server, thus constituting a denial of service attack.


Vulnerable Versions

Operating System    Version    Affected Files
------------------------------------------------------------------
UnixWare 7          All        /usr/sbin/in.ftpd
Open UNIX           8.0.0      /usr/sbin/in.ftpd


3. Workaround

None.


4. UnixWare 7, Open UNIX 8

4.1 Location of Fixed Binaries

ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.36.2/


4.2 Verification

md5 checksums:

MD5 (erg501215b.Z) = 5dc14febd11a88e1b58dfba93f033ea8


md5 is available for download from

ftp://stage.caldera.com/pub/security/tools/


4.3 Installing Fixed Binaries

Upgrade the affected binaries with the following commands:

Download erg501215b.Z to /tmp

# uncompress /tmp/erg501215b.Z
# pkgadd -d /tmp/erg501215b
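The checksum check from 4.2 and the install from 4.3 combined into one shell script, added here as an example and not part of Caldera's advisory; the file name and MD5 are the advisory's, while the function names and the RUN_INSTALL gate are assumptions. It accepts either the md5sum ("<hash>  <file>") or the md5 ("MD5 (<file>) = <hash>") output format and refuses to run pkgadd unless the digest matches.

```shell
#!/bin/sh
# Constructed example: gate the package install on the advisory's MD5 checksum.
# Expected digest and file name are taken from sections 4.2 and 4.3 above.
EXPECTED_MD5="5dc14febd11a88e1b58dfba93f033ea8"
PATCH_FILE="/tmp/erg501215b.Z"

# Print the MD5 digest of a file as 32 hex characters, using whichever tool
# exists: md5sum prints "<hash>  <file>", md5 prints "MD5 (<file>) = <hash>".
# Returns non-zero if neither tool is installed.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    elif command -v md5 >/dev/null 2>&1; then
        md5 "$1" | awk '{print $NF}'
    else
        return 1
    fi
}

# Return 0 only if the file's digest equals the expected one (case-insensitive).
verify_md5() {
    actual=$(md5_of "$1") || return 1
    actual=$(printf '%s' "$actual" | tr 'A-Z' 'a-z')
    expected=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    [ "$actual" = "$expected" ]
}

# Run the section 4.3 commands only after a successful checksum comparison.
install_patch() {
    if verify_md5 "$1" "$2"; then
        echo "checksum OK: $1"
        uncompress "$1" && pkgadd -d "${1%.Z}"
    else
        echo "checksum MISMATCH for $1; refusing to install" >&2
        return 1
    fi
}

# RUN_INSTALL=1 (assumed gate) performs the real install on the downloaded file.
if [ "${RUN_INSTALL:-0}" = "1" ]; then
    install_patch "$PATCH_FILE" "$EXPECTED_MD5"
fi
```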


5. References

CORE-20011001: Wu-FTP glob heap corruption vulnerability
http://www.corest.com

CERT Advisory CA-2001-33 Multiple Vulnerabilities in WU-FTPD
http://www.cert.org

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0550

This and other advisories are located at
http://stage.caldera.com/support/security

This advisory addresses Caldera Security internal incidents
sr856023, fz519403, erg711908, erg501215.


6. Disclaimer

Caldera International, Inc. is not responsible for the misuse
of any of the information we provide on our website and/or
through our security advisories. Our advisories are a service
to our customers intended to promote secure installation and
use of Caldera International products.


