InfoMagic Mar95 wu.ftpd security hole fix.

InfoMagic Mar95 wu.ftpd security hole fix.

Post by Louis J. LaBash J » Fri, 09 Jun 1995 04:00:00



This problem exist in several Slackware releases!

The "wu-ftpd-2.4.diff.gz" patch-file produces a vulnerable "wu.ftpd"
which allows anyone with an account on the machine to become root user.
Solutions range from simple, disable "wu.ftpd"; to easy, recompile.
The appended script, "wu-ftpd.sh", will accomplish the latter.

=========================================================================
Instructions, *as root*, for InfoMagic's March 1995 4CD-set, assuming
Disc 1 is mounted on "/cdrom".  The initial "cd" is to "/usr/src",
where the build will occur.

Cut on '-' lines & save as wu-ftpd.sh; "chmod 700 wu-ftpd.sh"; "wu-ftpd.sh".
----------------------------wu-ftpd.sh-----------------------------------
# wu-ftpd.sh (1), created 3JUN95 by Louis J. LaBash, Jr.
# For InfoMagic's March 1995 4CD-set, Disc 1 mounted on "/cdrom";
#     build will occur in "/usr/src/wu-ftpd-2.4".
# Change in src/pathnames.h: (fixes security hole)
#     #define _PATH_EXECPATH from "/bin" to "/bin/ftp-exec"
# References:
#     ftp://ftp.auscert.org.au/pub/auscert/advisory/
#         AA-94.01.ftpd.Configuration.Advice              -18APR94-
#         AA-95.04.wu-ftpd.misconfiguration.vulnerability -02JUN95-
#     wu-ftpd-2.4/INSTALL                                 -01APR94-
#     /cdrom/Slackware_Source/n/tcpip/SlackBuild          -02MAR95-

cd /usr/src
rm -rf wu-ftpd-2.4
tar xvzf /cdrom/Slackware_Source/n/tcpip/wu-ftpd-2.4.tar.gz
cd wu-ftpd-2.4
zcat /cdrom/Slackware_Source/n/tcpip/wu-ftpd-2.4.diff.gz | patch

mv src/pathnames.h src/pathnames.h-slack
sed -e 's/_PATH_EXECPATH.*"\/bin"/_PATH_EXECPATH  "\/bin\/ftp-exec"/' \
src/pathnames.h-slack >src/pathnames.h

build lnx
mv /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd-slack
install -m 755 -g bin -o root -s bin/ftpd  /usr/sbin/wu.ftpd
echo '*** Restart inetd process, or reboot! ***'


----------------------------wu-ftpd.sh-----------------------------------

Hope this is of some utility.
--

 
 
 

InfoMagic Mar95 wu.ftpd security hole fix.

Post by Louis J. LaBash J » Fri, 09 Jun 1995 04:00:00


This problem exist in several Slackware releases!

The "wu-ftpd-2.4.diff.gz" patch-file produces a vulnerable "wu.ftpd"
which allows anyone with an account on the machine to become root user.
Solutions range from simple, disable "wu.ftpd"; to easy, recompile.
The appended script, "wu-ftpd.sh", will accomplish the latter.

=========================================================================
Instructions, *as root*, for InfoMagic's March 1995 4CD-set, assuming
Disc 1 is mounted on "/cdrom".  The initial "cd" is to "/usr/src",
where the build will occur.

Cut on '-' lines & save as wu-ftpd.sh; "chmod 700 wu-ftpd.sh"; "wu-ftpd.sh".
----------------------------wu-ftpd.sh-----------------------------------
# wu-ftpd.sh (1), created 3JUN95 by Louis J. LaBash, Jr.
# For InfoMagic's March 1995 4CD-set, Disc 1 mounted on "/cdrom";
#     build will occur in "/usr/src/wu-ftpd-2.4".
# Change in src/pathnames.h: (fixes security hole)
#     #define _PATH_EXECPATH from "/bin" to "/bin/ftp-exec"
# References:
#     ftp://ftp.auscert.org.au/pub/auscert/advisory/
#         AA-94.01.ftpd.Configuration.Advice              -18APR94-
#         AA-95.04.wu-ftpd.misconfiguration.vulnerability -02JUN95-
#     wu-ftpd-2.4/INSTALL                                 -01APR94-
#     /cdrom/Slackware_Source/n/tcpip/SlackBuild          -02MAR95-

cd /usr/src
rm -rf wu-ftpd-2.4
tar xvzf /cdrom/Slackware_Source/n/tcpip/wu-ftpd-2.4.tar.gz
cd wu-ftpd-2.4
zcat /cdrom/Slackware_Source/n/tcpip/wu-ftpd-2.4.diff.gz | patch

mv src/pathnames.h src/pathnames.h-slack
sed -e 's/_PATH_EXECPATH.*"\/bin"/_PATH_EXECPATH  "\/bin\/ftp-exec"/' \
src/pathnames.h-slack >src/pathnames.h

build lnx
mv /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd-slack
install -m 755 -g bin -o root -s bin/ftpd  /usr/sbin/wu.ftpd
echo '*** Restart inetd process, or reboot! ***'


----------------------------wu-ftpd.sh-----------------------------------

Hope this is of some utility.
--


 
 
 

InfoMagic Mar95 wu.ftpd security hole fix.

Post by Louis J. LaBash J » Sat, 10 Jun 1995 04:00:00


This problem exist in several Slackware releases!

The "wu-ftpd-2.4.diff.gz" patch-file produces a vulnerable "wu.ftpd"
which allows anyone with an account on the machine to become root user.
Solutions range from simple, disable "wu.ftpd"; to easy, recompile.
The appended script, "wu-ftpd.sh", will accomplish the latter.

=========================================================================
Instructions, *as root*, for InfoMagic's March 1995 4CD-set, assuming
Disc 1 is mounted on "/cdrom".  The initial "cd" is to "/usr/src",
where the build will occur.

Cut on '-' lines & save as wu-ftpd.sh; "chmod 700 wu-ftpd.sh"; "wu-ftpd.sh".
----------------------------wu-ftpd.sh-----------------------------------
# wu-ftpd.sh (1), created 3JUN95 by Louis J. LaBash, Jr.
# For InfoMagic's March 1995 4CD-set, Disc 1 mounted on "/cdrom";
#     build will occur in "/usr/src/wu-ftpd-2.4".
# Change in src/pathnames.h: (fixes security hole)
#     #define _PATH_EXECPATH from "/bin" to "/bin/ftp-exec"
# References:
#     ftp://ftp.auscert.org.au/pub/auscert/advisory/
#         AA-94.01.ftpd.Configuration.Advice              -18APR94-
#         AA-95.04.wu-ftpd.misconfiguration.vulnerability -02JUN95-
#     wu-ftpd-2.4/INSTALL                                 -01APR94-
#     /cdrom/Slackware_Source/n/tcpip/SlackBuild          -02MAR95-

cd /usr/src
rm -rf wu-ftpd-2.4
tar xvzf /cdrom/Slackware_Source/n/tcpip/wu-ftpd-2.4.tar.gz
cd wu-ftpd-2.4
zcat /cdrom/Slackware_Source/n/tcpip/wu-ftpd-2.4.diff.gz | patch

mv src/pathnames.h src/pathnames.h-slack
sed -e 's/_PATH_EXECPATH.*"\/bin"/_PATH_EXECPATH  "\/bin\/ftp-exec"/' \
src/pathnames.h-slack >src/pathnames.h

build lnx
mv /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd-slack
install -m 755 -g bin -o root -s bin/ftpd  /usr/sbin/wu.ftpd
echo '*** Restart inetd process, or reboot! ***'


----------------------------wu-ftpd.sh-----------------------------------

Hope this is of some utility.
--

 
 
 

1. InfoMagic Mar95 wu.ftpd security hole fix.

This problem exist in several Slackware releases!

The "wu-ftpd-2.4.diff.gz" patch-file produces a vulnerable "wu.ftpd"
which allows anyone with an account on the machine to become root user.
Solutions range from simple, disable "wu.ftpd"; to easy, recompile.
The appended script, "wu-ftpd.sh", will accomplish the latter.

=========================================================================
Instructions, *as root*, for InfoMagic's March 1995 4CD-set, assuming
Disc 1 is mounted on "/cdrom".  The initial "cd" is to "/usr/src",
where the build will occur.

Cut on '-' lines & save as wu-ftpd.sh; "chmod 700 wu-ftpd.sh"; "wu-ftpd.sh".
----------------------------wu-ftpd.sh-----------------------------------
# wu-ftpd.sh (1), created 3JUN95 by Louis J. LaBash, Jr.
# For InfoMagic's March 1995 4CD-set, Disc 1 mounted on "/cdrom";
#     build will occur in "/usr/src/wu-ftpd-2.4".
# Change in src/pathnames.h: (fixes security hole)
#     #define _PATH_EXECPATH from "/bin" to "/bin/ftp-exec"
# References:
#     ftp://ftp.auscert.org.au/pub/auscert/advisory/
#         AA-94.01.ftpd.Configuration.Advice              -18APR94-
#         AA-95.04.wu-ftpd.misconfiguration.vulnerability -02JUN95-
#     wu-ftpd-2.4/INSTALL                                 -01APR94-
#     /cdrom/Slackware_Source/n/tcpip/SlackBuild          -02MAR95-

cd /usr/src
rm -rf wu-ftpd-2.4
tar xvzf /cdrom/Slackware_Source/n/tcpip/wu-ftpd-2.4.tar.gz
cd wu-ftpd-2.4
zcat /cdrom/Slackware_Source/n/tcpip/wu-ftpd-2.4.diff.gz | patch

mv src/pathnames.h src/pathnames.h-slack
sed -e 's/_PATH_EXECPATH.*"\/bin"/_PATH_EXECPATH  "\/bin\/ftp-exec"/' \
src/pathnames.h-slack >src/pathnames.h

build lnx
mv /usr/sbin/wu.ftpd /usr/sbin/wu.ftpd-slack
install -m 755 -g bin -o root -s bin/ftpd  /usr/sbin/wu.ftpd
echo '*** Restart inetd process, or reboot! ***'


----------------------------wu-ftpd.sh-----------------------------------

Hope this is of some utility.
--

2. RAID-1 mirroring.

3. wu-ftpd Security Hole

4. SCSI: 0 hosts while installing Slackware 3.6 on Compaq Proliant 3000

5. WU-FTPD security holes

6. problem xsession icons on ID without a proper shell

7. wu-ftpd security hole affect FreeBSD?

8. Upgrading you home.

9. Security hole with WU-FTPD

10. After fixing wu-ftpd hole

11. What was the final fix for wu.ftpd security?

12. wu-ftpd - WITH Security fixes - Binaries wanted