[LINUX:17336] [GUVENLIK] "Wu-Ftpd Remote Format String Stack Overwrite"

---------


From: Ertugrul Komut (linux@gul.net.tr)
Date: Tue 27 Jun 2000 - 16:42:56 EEST


>* InfoNet Security Advisory *
>27 June 2000
>
>The Washington University ftp daemon (wu-ftpd) is a very popular unix ftp
>server that ships with many Linux distributions. The SITE EXEC
>implementation of wu-ftpd contains a very serious security hole that can be
>attacked remotely. Because user input is passed directly as a "format
>string" to a *printf function, important data on the stack, such as the
>return address, can be overwritten. Once this is done, the function can be
>made to 'jump' to shellcode via the overwritten "eip", allowing the desired
>commands to be run as 'root'. Although it is carried out with a buffer
>overflow mindset, it is really an input validation problem. Since it can be
>carried out over anonymous ftp, the fact that attacks can come anonymously
>from anywhere on the internet makes it even more serious.
>
>Patches:
>Patches for various Linux distributions are listed below:
>
>Debian Linux (taken directly from the advisory)
>Source archives:
>http://security.debian.org/dists/slink/updates/source/wu-ftpd-academ_2.4.2.16-13.1.diff.gz
>MD5 checksum: a3d26f64852e10d5831f1362e214074b
>http://security.debian.org/dists/slink/updates/source/wu-ftpd-academ_2.4.2.16-13.1.dsc
>MD5 checksum: 3c1848cfbdc82eae8008e26f34b63029
>http://security.debian.org/dists/slink/updates/source/wu-ftpd-academ_2.4.2.16.orig.tar.gz
>MD5 checksum: 1b636fbfb3a5417886cc4265cca0fc5f
>
>Intel ia32 architecture:
>http://security.debian.org/dists/slink/updates/binary-i386/wu-ftpd-academ_2.4.2.16-13.1_i386.deb
>MD5 checksum: 9eace595dcb0ba68bb2ddd60ffbfa12f
>
>Sun Sparc architecture:
>http://security.debian.org/dists/slink/updates/binary-sparc/wu-ftpd-academ_2.4.2.16-13.1_sparc.deb
>MD5 checksum: 1302d89ae95d8b40eb000472abeb461c
>
>Debian 2.2 alias potato
>-----------------------
>Source archives:
>http://security.debian.org/dists/potato/updates/main/source/wu-ftpd_2.6.0-5.1.diff.gz
>MD5 checksum: d24ba31633ed0d279653c671f93bf624
>http://security.debian.org/dists/potato/updates/main/source/wu-ftpd_2.6.0-5.1.dsc
>MD5 checksum: bc7138b128d8d32d5810ac19cc4ccf75
>http://security.debian.org/dists/potato/updates/main/source/wu-ftpd_2.6.0.orig.tar.gz
>MD5 checksum: 652cfe4b59e0468eded736e7c281d16f
>
>Architecture independent archives:
>http://security.debian.org/dists/potato/updates/main/binary-all/wu-ftpd-academ_2.6.0-5.1_all.deb
>MD5 checksum: fa11e4fb1e3852382e9261a265ab85be
>
>Alpha architecture:
>http://security.debian.org/dists/potato/updates/main/binary-alpha/wu-ftpd_2.6.0-5.1_alpha.deb
>MD5 checksum: 3907a13fd70063eb8cccc47148d3b316
>
>
>ARM architecture:
>http://security.debian.org/dists/potato/updates/main/binary-arm/wu-ftpd_2.6.0-5.1_arm.deb
>MD5 checksum: 9faeaec3a831510179c4e3a6ea50ff52
>
>Intel ia32 architecture:
>http://security.debian.org/dists/potato/updates/main/binary-i386/wu-ftpd_2.6.0-5.1_i386.deb
>MD5 checksum: 8f74c7004d4a06bfef2a5de786993164
>
>PowerPC architecture:
>http://security.debian.org/dists/potato/updates/main/binary-powerpc/wu-ftpd_2.6.0-5.1_powerpc.deb
>MD5 checksum: 4af70cff2b3a0396945df86fa8ebc6b8
>
>Sun Sparc architecture:
>http://security.debian.org/dists/potato/updates/main/binary-sparc/wu-ftpd_2.6.0-5.1_sparc.deb
>MD5 checksum: 71320a88456af1b92f4e9848bbe76a80
>
>Conectiva Linux (Taken from their advisory):
>
>DIRECT DOWNLOAD LINKS TO UPDATED PACKAGES
>
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.0/i386/wu-ftpd-2.6.0-11cl.i386.rpm
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.0es/i386/wu-ftpd-2.6.0-11cl.i386.rpm
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.1/i386/wu-ftpd-2.6.0-11cl.i386.rpm
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.2/i386/wu-ftpd-2.6.0-11cl.i386.rpm
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/i386/wu-ftpd-2.6.0-11cl.i386.rpm
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/servidor-1.0/i386/wu-ftpd-2.6.0-11cl.i386.rpm
>
>
>DIRECT LINK TO THE SOURCE PACKAGES
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.0/SRPMS/wu-ftpd-2.6.0-11cl.i386.rpm
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.0es/SRPMS/wu-ftpd-2.6.0-11cl.i386.rpm
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.1/SRPMS/wu-ftpd-2.6.0-11cl.i386.rpm
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/4.2/SRPMS/wu-ftpd-2.6.0-11cl.i386.rpm
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/5.0/SRPMS/wu-ftpd-2.6.0-11cl.i386.rpm
>ftp://ftp.conectiva.com.br/pub/conectiva/atualizacoes/servidor-1.0/SRPMS/wu-ftpd-2.6.0-11cl.i386.rpm
>
>Caldera Linux (Taken from the advisory):
>-------------------------------------------------------
>OpenLinux Desktop 2.3
>
>Location of Fixed Packages
>
>The upgrade packages can be found on Caldera's FTP site at:
>ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/
>
>The corresponding source code package can be found at:
>ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS
>
>Verification
>
>ddc86702f33d6a5edddab258ddd72195 RPMS/wu-ftpd-2.5.0-7.i386.rpm
>8090110ecef8d1efd2fe4c279f209e29 SRPMS/wu-ftpd-2.5.0-7.src.rpm
>
>
>OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0
>
>Location of Fixed Packages
>
>The upgrade packages can be found on Caldera's FTP site at:
>ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/
>
>The corresponding source code package can be found at:
>ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS
>
>Verification
>
>f909e8b47ec6780109c2437cdfdc2497 RPMS/wu-ftpd-2.5.0-7.i386.rpm
>8354edf2f90e59aa96d8baf1d77e28a0 SRPMS/wu-ftpd-2.5.0-7.src.rpm
>
>OpenLinux eDesktop 2.4
>
>Location of Fixed Packages
>
>The upgrade packages can be found on Caldera's FTP site at:
>ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/
>
>The corresponding source code package can be found at:
>ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS
>
>Verification
>
>d2df4fb386d65387039f33538571d907 RPMS/wu-ftpd-2.5.0-7.i386.rpm
>13313d25d6d93dd98dd94e62d48c711c SRPMS/wu-ftpd-2.5.0-7.src.rpm
>
>RedHat Linux (taken directly from their advisory):
>
>
>6. RPMs required:
>
>Red Hat Linux 5.2:
>
>i386:
>ftp://updates.redhat.com/5.2/i386/wu-ftpd-2.6.0-2.5.x.i386.rpm
>
>alpha:
>ftp://updates.redhat.com/5.2/alpha/wu-ftpd-2.6.0-2.5.x.alpha.rpm
>
>sparc:
>ftp://updates.redhat.com/5.2/sparc/wu-ftpd-2.6.0-2.5.x.sparc.rpm
>
>sources:
>ftp://updates.redhat.com/5.2/SRPMS/wu-ftpd-2.6.0-2.5.x.src.rpm
>
>Red Hat Linux 6.2:
>
>i386:
>ftp://updates.redhat.com/6.2/i386/wu-ftpd-2.6.0-14.6x.i386.rpm
>
>alpha:
>ftp://updates.redhat.com/6.2/alpha/wu-ftpd-2.6.0-14.6x.alpha.rpm
>
>sparc:
>ftp://updates.redhat.com/6.2/sparc/wu-ftpd-2.6.0-14.6x.sparc.rpm
>
>sources:
>ftp://updates.redhat.com/6.2/SRPMS/wu-ftpd-2.6.0-14.6x.src.rpm
>
>7. Verification:
>
>MD5 sum Package Name
>--------------------------------------------------------------------------
>e1f3b09d8ad0067fa7fd22e7afe77e64 5.2/SRPMS/wu-ftpd-2.6.0-2.5.x.src.rpm
>7c2f89b3f8533ec54a36c5dde5995ce6 5.2/alpha/wu-ftpd-2.6.0-2.5.x.alpha.rpm
>8dbd0b0f1fa1d0755393942cb4cb141d 5.2/i386/wu-ftpd-2.6.0-2.5.x.i386.rpm
>5d9df2512a15e5c8914f398d980b12e7 5.2/sparc/wu-ftpd-2.6.0-2.5.x.sparc.rpm
>67349a75b767585628912b840e52806e 6.2/SRPMS/wu-ftpd-2.6.0-14.6x.src.rpm
>fafe870fc91762dd7e9182df3b4dfee5 6.2/alpha/wu-ftpd-2.6.0-14.6x.alpha.rpm
>50c11f333641277ab75e6207bffb13b4 6.2/i386/wu-ftpd-2.6.0-14.6x.i386.rpm
>8abba6ffa660d1c221581855630ed40d 6.2/sparc/wu-ftpd-2.6.0-14.6x.sparc.rpm

 To leave the list, send the message:
          unsub linux
 to the address listeci@bilkent.edu.tr.
   Please do not use MIME / HTML / Turkish accented characters for Listeci.
 Listeci interface: http://listweb.bilkent.edu.tr/yardim/bilkent/linux.html
 List archive address: http://listweb.bilkent.edu.tr/
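The advisory above describes the bug class in one sentence: a client-supplied argument is handed to a *printf routine as the format string itself, so any conversion directive in it is interpreted instead of printed. The following C example is added here as an illustration and is not code from the advisory or from wu-ftpd; the function names (`reply_unsafe`, `reply_safe`, `site_exec_arg_ok`) and the sample input are assumptions constructed for the demonstration. It puts the vulnerable pattern next to the hardened one, using only a benign `%%` input so that the difference in behaviour is visible without any undefined memory access, and adds the input-validation check the advisory says was really missing.

```c
#include <stdio.h>
#include <string.h>

/* Returns 1 if s contains a printf conversion directive, i.e. a '%' that is
 * not immediately followed by another '%'. A lone trailing '%' also counts,
 * since it is malformed and should never reach a format routine. */
int has_format_directive(const char *s)
{
    for (const char *p = s; *p != '\0'; p++) {
        if (*p != '%')
            continue;
        if (p[1] == '%') {      /* "%%" is a literal percent sign: skip both */
            p++;
            continue;
        }
        return 1;
    }
    return 0;
}

/* Vulnerable pattern (hypothetical name): the untrusted argument IS the
 * format string. Every '%' directive in it is interpreted by snprintf.
 * gcc -Wformat-security flags exactly this call. Only ever call it here
 * with directive-free or "%%"-only input; anything else is undefined. */
int reply_unsafe(char *out, size_t outsz, const char *arg)
{
    return snprintf(out, outsz, arg);
}

/* Hardened pattern: the format string is a compile-time constant and the
 * untrusted argument is passed purely as data for "%s". */
int reply_safe(char *out, size_t outsz, const char *arg)
{
    return snprintf(out, outsz, "%s", arg);
}

/* Defence in depth (hypothetical helper): reject a SITE EXEC style argument
 * that carries format directives before it reaches any reply or logging
 * code. Returns 1 when the argument is acceptable, 0 when it must be refused. */
int site_exec_arg_ok(const char *arg)
{
    return !has_format_directive(arg);
}

/* Demonstration helper: returns 1 when the unsafe path changes the text,
 * which shows the input was interpreted as a format rather than copied.
 * Intended for benign inputs only (see reply_unsafe). */
int directive_interpreted(const char *arg)
{
    char unsafe_out[128], safe_out[128];
    reply_unsafe(unsafe_out, sizeof unsafe_out, arg);
    reply_safe(safe_out, sizeof safe_out, arg);
    return strcmp(unsafe_out, safe_out) != 0;
}

int main(void)
{
    /* Constructed sample: a harmless literal percent sign in the argument. */
    const char *sample = "disk 100%% full";
    char buf[128];

    reply_unsafe(buf, sizeof buf, sample);
    printf("unsafe path : %s\n", buf);   /* "%%" collapsed to "%": interpreted */
    reply_safe(buf, sizeof buf, sample);
    printf("safe path   : %s\n", buf);   /* text copied verbatim */

    printf("validator   : \"%s\" -> %s\n", sample,
           site_exec_arg_ok(sample) ? "accept" : "reject");
    printf("validator   : \"%s\" -> %s\n", "ls %n",
           site_exec_arg_ok("ls %n") ? "accept" : "reject");
    return 0;
}
```

Both layers matter: the `"%s"` fix removes the bug outright, while the validator gives a cheap detection point (log and refuse any argument that trips it) for servers that cannot be patched immediately. Building with `-Wformat-security` or `-Werror=format-security` makes the compiler catch the `reply_unsafe` pattern before it ships.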



---------

This archive was generated by hypermail 2b29.