WU-FTPD privatepw Symlink Arbitrary File Overwrite

2001-01-10T00:00:00
ID OSVDB:1716
Type osvdb
Reporter Greg Kroah-Hartman(greg@wirex.com)
Modified 2001-01-10T00:00:00

Description

Vulnerability Description

WU-FTPD contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the 'privatepw' program creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, the WU-FTPD Development Group has released a patch to address this vulnerability.

It is possible, but not confirmed, that version 2.6.2 corrects this issue.

Short Description

WU-FTPD contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the 'privatepw' program creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.

References:

Other Advisory URL: http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3 Other Advisory URL: http://www.debian.org/security/2001/dsa-016 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-01/0146.html Keyword: Immunix OS Security Advisory Summary ISS X-Force ID: 5915 CVE-2001-0138 Bugtraq ID: 2189