[TriLUG] New CERT advisory on WU-FTPD

Vestal, Roy L. rvestal at rti.org
Fri Nov 30 09:13:25 EST 2001


Didn't know if anyone was running it, but the bug isn't that nice. Here's
the links:

  This  vulnerability  has been assigned the identifier CAN-2001-0550 by
   the Common Vulnerabilities and Exposures (CVE) group:

          http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0550

   CORE  Security  Technologies  has  published a Vulnerability Report on
   this issue:

          http://www.corest.com/pressroom/advisories_desplegado.php?
          dxsection=10&idx=17

   VU#639760: WU-FTPD configured to use RFC 931 authentication running in
   debug mode contains format string vulnerability



More information about the TriLUG mailing list