Re: Advice on wu-ftpd security needed (URGENT)
Thus spake Robert J. Alexander (bob@inorbit.com):
> I am running a Debian 2.1 dist.
>
> I was sent the following (appended) quite recent (a month old) CERT
> advisory.
>
> How do I understand which Debian packaging has closed these holes ????
>
The latest wu-ftpd (2.6.0-2) in potato closes these issues. In fact, all of
the 2.5.0 finals should be fine as well. The advisory lists 2.5.0 wu-ftpd's
as not vulnerable. I was able to test and confirm this. I haven't tested
those recent issues on the pre's though, since I didn't have any pre versions
installed on any of my servers at the time.

If you're running < 2.5.0pre* it would be best to update. It would be best to
update to the current version regardless. There are a number of bugfixes
closed in 2.6.0 that will probably prevent additional exploits from popping
up, that have not yet been discovered.

> BTW Is there a way to automate the PUT of files in the incoming area so
> that every time one is performed root gets a mail with the filename
> filesize and originator ???

You can write a little program that runs from cron every so often to do this.
If not, there is some Perl code called ftpcheck that does this. I haven't
tried it out, but it looks good. You can pick it up at
ftp://ftp.cle.ab.com/pub/ftpcheck.v2.3
--
, oneiros (oneiros@darkspire.net) | . OpenPGP Supported . '
Your good nature will bring unbounded happiness.
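
A sketch of the "little program that runs from cron" suggested in the reply above. This is an added example, not part of the original message and not the ftpcheck code. It assumes the server writes the standard whitespace-separated xferlog transfer log and that uploads land under /home/ftp/incoming/; the sample log lines, the function names and the state-file idea are constructed for illustration.

```python
import subprocess, sys
from email.message import EmailMessage
from pathlib import Path

INCOMING = "/home/ftp/incoming/"  # assumed upload area
SAMPLE = (  # constructed sample lines in xferlog layout, not real log data
    "Mon Jan 10 09:12:01 2000 3 host1.example.org 20480 /home/ftp/incoming/patch.tar.gz b _ i a user@example.org ftp 0 *\n"
    "Mon Jan 10 09:15:44 2000 1 host2.example.net 1024 /home/ftp/pub/README a _ o a guest@example.net ftp 0 *\n"
    "Mon Jan 10 09:20:10 2000 7 host3.example.com 734003 /home/ftp/incoming/tool.zip b _ i a mozilla@ ftp 0 * c\n")

def read_new(log_path, state_path):
    """Return log text added since the last run and save the new offset."""
    state = Path(state_path)
    offset = int(state.read_text() or 0) if state.exists() else 0
    if offset > Path(log_path).stat().st_size:  # log was rotated or truncated
        offset = 0
    with open(log_path, "rb") as log:
        log.seek(offset)
        data = log.read()
    data = data[:data.rfind(b"\n") + 1]  # hold back a half-written line
    state.write_text(str(offset + len(data)))
    return data.decode("ascii", "replace")

def parse_uploads(text, incoming=INCOMING):
    """Pick incoming ('i') transfers that landed under the upload area."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        # date(5 tokens) time host size file type flag direction mode user ...
        if len(f) >= 17 and f[11] == "i" and f[7].isdigit() and f[8].startswith(incoming):
            rows.append((" ".join(f[:5]), f[8], int(f[7]), f[6], f[13]))
    return rows

def build_mail(rows):
    """Upload details are client-controlled, so they go in the body only."""
    clean = lambda s: "".join(c if c.isprintable() else "?" for c in s)
    msg = EmailMessage()
    msg["To"], msg["Subject"] = "root", "%d new FTP upload(s)" % len(rows)
    msg.set_content("\n".join("%s  %s  %d bytes  from %s (%s)" %
                              (w, clean(p), n, clean(h), clean(u)) for w, p, n, h, u in rows))
    return msg

if __name__ == "__main__":  # cron usage: XFERLOG STATEFILE; no arguments prints a SAMPLE report
    args = sys.argv[1:]
    found = parse_uploads(read_new(*args) if len(args) == 2 else SAMPLE)
    if found and args:
        subprocess.run(["/usr/sbin/sendmail", "-t"], input=build_mail(found).as_bytes(), check=True)
    elif found:
        print(build_mail(found).get_content())
```

The state file holds the byte offset reached on the previous run, so each cron invocation reports only transfers logged since then and starts over from the top after log rotation.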