After fixing wu-ftpd hole

After fixing wu-ftpd hole

Post by Brian Springste » Sun, 05 Nov 1995 04:00:00

I just fixed the wu-ftpd security hole, but now the ftp commands (ftpwho,
ftpcount) do not work.  They always report no users.  Also the files aren't
being logged to /var/adm/xferlog anymore.  Did I miss something?  
Has anyone fixed this?


Brian Springstead | Inflammation of the foreskin reminds me of your smile
      Spam!       | I've had ballanital chancroids for quite a little while...


1. InfoMagic Mar95 wu.ftpd security hole fix.

This problem exist in several Slackware releases!

The "wu-ftpd-2.4.diff.gz" patch-file produces a vulnerable "wu.ftpd"
which allows anyone with an account on the machine to become root user.
Solutions range from simple, disable "wu.ftpd"; to easy, recompile.
The appended script, "", will accomplish the latter.

Instructions, *as root*, for InfoMagic's March 1995 4CD-set, assuming
Disc 1 is mounted on "/cdrom".  The initial "cd" is to "/usr/src",
where the build will occur.

Cut on '-' lines & save as; "chmod 700"; "".
# (1), created 3JUN95 by Louis J. LaBash, Jr.
# For InfoMagic's March 1995 4CD-set, Disc 1 mounted on "/cdrom";
#     build will occur in "/usr/src/wu-ftpd-2.4".
# Change in src/pathnames.h: (fixes security hole)
#     #define _PATH_EXECPATH from "/bin" to "/bin/ftp-exec"
# References:
#         AA-94.01.ftpd.Configuration.Advice              -18APR94-
#         AA-95.04.wu-ftpd.misconfiguration.vulnerability -02JUN95-
#     wu-ftpd-2.4/INSTALL                                 -01APR94-
#     /cdrom/Slackware_Source/n/tcpip/SlackBuild          -02MAR95-

cd /usr/src
rm -rf wu-ftpd-2.4
tar xvzf /cdrom/Slackware_Source/n/tcpip/wu-ftpd-2.4.tar.gz
cd wu-ftpd-2.4
zcat /cdrom/Slackware_Source/n/tcpip/wu-ftpd-2.4.diff.gz | patch

mv src/pathnames.h src/pathnames.h-slack
sed -e 's/_PATH_EXECPATH.*"\/bin"/_PATH_EXECPATH  "\/bin\/ftp-exec"/' \
src/pathnames.h-slack >src/pathnames.h

build lnx
mv /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd-slack
install -m 755 -g bin -o root -s bin/ftpd  /usr/sbin/wu.ftpd
echo '*** Restart inetd process, or reboot! ***'

Hope this is of some utility.

2. Tape streamers

3. The meaning of gcc, libc, and everything

4. wu-ftpd Security Hole

5. Logitech ClickSmart 310

6. WU-FTPD security holes

7. Text based console?

8. wu-ftpd security hole affect FreeBSD?

9. Wu-ftpd Remote Root Hole

10. Security hole with WU-FTPD

11. wu-ftpd fixed -- now ls not working

12. wu-ftpd 2.4 fixed compile probs