Info

Disclosure

Oct 14, 1996

Discovery

Unknown

Dates

Exploit

Oct 14, 1996

Solution

Unknown

Description

A remote overflow exists in WU-FTPD. WU-FTP fails to handle QUOTE PASV requests for logged in users, resulting in a memory overflow. With a specially crafted request, an attacker can cause the daemon to dump core and die. The core file will contain the usernames and password of all users on the system. These endstates are a loss of confidentiality, and availability.

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure, Input Manipulation
Impact: Loss of Confidentiality, Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Upgrade to version 2.6.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

WU-FTPD Development Group

ftpd

2.6.1

References

CVE ID: 1999-0075 (see also: NVD)
ISS X-Force ID: 201
Other Advisory URL: http://docs.freebsd.org/cgi/getmsg.cgi?fetch=113849+0+archive/1996/freebsd-bugs/19961013.freebsd-bugs
Vendor URL: http://www.wu-ftpd.org/

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/5742