Executive Summary
Summary | |
---|---|
Title | New wu-ftpd packages fix multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-457 | First vendor Publication | 2004-03-08 |
Vendor | Debian | Last vendor Modification | 2004-03-08 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Two vulnerabilities were discovered in wu-ftpd: CAN-2004-0148 - Glenn Stewart discovered that users could bypass the directory access restrictions imposed by the restricted-gid option by changing the permissions on their home directory. On a subsequent login, when access to the user's home directory was denied, wu-ftpd would fall back to the root directory. CAN-2004-0185 - A buffer overflow existed in wu-ftpd's code which deals with S/key authentication. For the stable distribution (woody) these problems have been fixed in version 2.6.2-3woody4. For the unstable distribution (sid) these problems have been fixed in version 2.6.2-17.1. We recommend that you update your wu-ftpd package. |
Original Source
Url : http://www.debian.org/security/2004/dsa-457 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:1147 | |||
Oval ID: | oval:org.mitre.oval:def:1147 | ||
Title: | HP-UX wuftpd Privilege Escalation Vulnerability (B.11.11) | ||
Description: | wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0148 | Version: | 1 |
Platform(s): | HP-UX 11 | Product(s): | ftpd |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:1636 | |||
Oval ID: | oval:org.mitre.oval:def:1636 | ||
Title: | HP-UX wuftpd Privilege Escalation Vulnerability (B.11.22) | ||
Description: | wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0148 | Version: | 4 |
Platform(s): | HP-UX 11 | Product(s): | ftpd |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:1637 | |||
Oval ID: | oval:org.mitre.oval:def:1637 | ||
Title: | HP-UX wuftpd Privilege Escalation Vulnerability (B.11.00) | ||
Description: | wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0148 | Version: | 1 |
Platform(s): | HP-UX 11 | Product(s): | ftpd |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:648 | |||
Oval ID: | oval:org.mitre.oval:def:648 | ||
Title: | HP-UX wuftpd Privilege Escalation Vulnerability (B.11.23) | ||
Description: | wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0148 | Version: | 5 |
Platform(s): | HP-UX 11 | Product(s): | ftpd |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-04 | Name : FreeBSD Ports: wu-ftpd File : nvt/freebsd_wu-ftpd0.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 457-1 (wu-ftpd) File : nvt/deb_457_1.nasl |
2005-11-03 | Name : wu-ftpd S/KEY authentication overflow File : nvt/wu_ftpd_skey_remote_buff.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
4160 | WU-FTPD restricted-gid Directory Access Restriction Bypass WU-FTPD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when the restricted-gid feature is used. A malicious user can change the permissions on their home directory to deny themselves access. A subsequent connection by that user will exploit the flaw, and put them into the home directory of the root user, which will disclose files that an ordinary user would not have access to resulting in a loss of confidentiality. |
2715 | WU-FTPD S/KEY Authentication ftpd.c skey_challenge Function Remote Overflow A remote overflow exists in WU-FTPD if S/KEY support is enabled. The skey_challenge function in ftpd.c fails to perform bounds checking on the name variable resulting in a buffer overflow. With a specially crafted request, a remote attacker can execute arbitrary code. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-04-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_3b7c7f6c710211d8873f0020ed76ef5a.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_31732.nasl - Type : ACT_GATHER_INFO |
2005-03-18 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_30983.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_29462.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-457.nasl - Type : ACT_GATHER_INFO |
2004-08-25 | Name : The remote FTP server seems to be vulnerable to a remote buffer overflow. File : wu_ftpd_skey_remote_buff.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2004-096.nasl - Type : ACT_GATHER_INFO |
2004-03-14 | Name : The remote FTP server has an access restriction bypass vulnerability. File : wu_ftpd_restricted_gid_bypass.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:33:08 |
|