Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.52953
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2003-46 (wu-ftpd)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to wu-ftpd
announced via advisory TLSA-2003-46.

The fb_realpath() function in Wu-ftpd FTP server contains off-by-one bug.

This vulnerability may allow remote authenticated users to execute
arbitrary code via commands that cause long pathnames.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2003-46

Risk factor : Critical

CVSS Score:
10.0

Querverweis: BugTraq ID: 8315
Common Vulnerability Exposure (CVE) ID: CVE-2003-0466
http://www.securityfocus.com/bid/8315
Bugtraq: 20030731 wu-ftpd fb_realpath() off-by-one bug (Google Search)
http://marc.info/?l=bugtraq&m=105967301604815&w=2
Bugtraq: 20030804 Off-by-one Buffer Overflow Vulnerability in BSD libc realpath(3) (Google Search)
http://marc.info/?l=bugtraq&m=106002488209129&w=2
Bugtraq: 20030804 wu-ftpd-2.6.2 off-by-one remote exploit. (Google Search)
http://marc.info/?l=bugtraq&m=106001702232325&w=2
Bugtraq: 20060213 Latest wu-ftpd exploit :-s (Google Search)
http://www.securityfocus.com/archive/1/424852/100/0/threaded
Bugtraq: 20060214 Re: Latest wu-ftpd exploit :-s (Google Search)
http://www.securityfocus.com/archive/1/425061/100/0/threaded
CERT/CC vulnerability note: VU#743092
http://www.kb.cert.org/vuls/id/743092
Debian Security Information: DSA-357 (Google Search)
http://www.debian.org/security/2003/dsa-357
FreeBSD Security Advisory: FreeBSD-SA-03:08
http://marc.info/?l=bugtraq&m=106001410028809&w=2
HPdes Security Advisory: SSRT3606
Immunix Linux Advisory: IMNX-2003-7+-019-01
http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01
http://www.mandriva.com/security/advisories?name=MDKSA-2003:080
http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt
NETBSD Security Advisory: NetBSD-SA2003-011.txt.asc
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc
http://www.osvdb.org/6602
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1970
http://www.redhat.com/support/errata/RHSA-2003-245.html
http://www.redhat.com/support/errata/RHSA-2003-246.html
SCO Security Bulletin: CSSA-2003-SCO.20
http://securitytracker.com/id?1007380
http://secunia.com/advisories/9423
http://secunia.com/advisories/9446
http://secunia.com/advisories/9447
http://secunia.com/advisories/9535
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001257.1-1
SuSE Security Announcement: SuSE-SA:2003:032 (Google Search)
http://www.novell.com/linux/security/advisories/2003_032_wuftpd.html
TurboLinux Advisory: TLSA-2003-46
http://www.turbolinux.com/security/TLSA-2003-46.txt
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html
XForce ISS Database: libc-realpath-offbyone-bo(12785)
https://exchange.xforce.ibmcloud.com/vulnerabilities/12785
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.