2 matches found
Debian DSA-357-1 : wu-ftpd - remote root exploit
iSEC Security Research reports that wu-ftpd contains an off-by-one bug in the fbrealpath function which could be exploited by a logged-in user local or anonymous to gain root privileges. A demonstration exploit is reportedly available. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Important: Red Hat Security Advisory: wu-ftpd security update
Updated wu-ftpd packages are available that fix an off-by-one buffer overflow. The wu-ftpd package contains the Washington University FTP File Transfer Protocol server daemon. FTP is a method of transferring files between machines. An off-by-one bug has been discovered in versions of wu-ftpd up t...