Wu-ftp site exec command could compromise root privileges
| ftp-exec (55) |  High Risk |
Description:
Wu-ftpd could provide weaker than expected security. A vulnerability in the Site Exec command in older versions of the wu-ftpd daemon allows a remote attacker to gain root access, without using anonymous FTP or a regular account to exploit the system.
Platforms Affected:
- Washington University, WU-FTPD 2.4.1
Remedy:
Upgrade to the latest version of wu-ftpd (2.4 or later), as listed in CERT Advisory CA-1994-08. See References.
To upgrade to the latest version of Wu-FTP:
- Open a Web browser.
- Go to http://ftp.academ.com/academ/wu-ftpd/release.html or ftp://ftp.academ.com/pub/wu-ftpd/.
- Download the Wu-FTP patch.
- Locate the patch on your system and execute it.
- Follow the directions to apply the patch.
Consequences:
Gain Access
References:
- Academ Consulting Service FTP site, FTP directory /pub/wu-ftpd/ at ftp.academ.com at ftp://ftp.academ.com/pub/wu-ftpd/.
- CERT Advisory CA-1993-06, wuarchive ftpd Vulnerability at http://www.cert.org/advisories/CA-1993-06.html.
- CERT Advisory CA-1994-08, ftpd Vulnerabilities at http://www.cert.org/advisories/CA-1994-08.html.
- CIAC Information Bulletin E-17, FTP Daemon Vulnerabilities at http://ciac.llnl.gov/ciac/bulletins/e-17.shtml.
- Hewlett-Packard Company Security Bulletin HPSBUX9405-010, ftpd: SITE CHMOD / race condition vulnerability at http://us-support.external.hp.com.
- CVE-1999-0955: Race condition in wu-ftpd and BSDI ftpd allows remote attackers gain root access via the SITE EXEC command.
Reported:
Mar 01, 1993
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net