Signature Detail

FTP: WU-FTPD ftpglob() Input Validation Error

This signature detects attempts to exploit a known vulnerability in Wu-ftpd, a software package that provides File Transfer Protocol (FTP) services for UNIX and Linux systems. Wu-ftpd versions 2.6.1 to 2.6.18 are vulnerable. Attackers can send a maliciously crafted pathname in a CWD or LIST command to the FTP server to execute arbitrary commands as root.

Extended Description

Wu-Ftpd is an FTP server based on the BSD 'ftpd' that is maintained by Washington University. Wu-Ftpd allows clients to organize files for FTP actions based on "file globbing" patterns. File globbing is also used by various shells. The implementation of file globbing included in Wu-Ftpd contains a heap-corruption vulnerability that may allow an attacker to execute arbitrary code on a server remotely. This vulnerability was initially scheduled for public release on December 3, 2001. However, Red Hat has made details public as of November 27, 2001. As a result, we are forced to warn other users of the vulnerable product so that they may take appropriate actions.

Affected Products

• David Madore ftpd-BSD 0.3.2
• David Madore ftpd-BSD 0.3.3
• Washington University wu-ftpd 2.5.0 .0
• Washington University wu-ftpd 2.6.0 .0
• Washington University wu-ftpd 2.6.1

References

• BugTraq: 3581
• CERT: CA-2001-33
• CVE: CVE-2001-0550
• URL: http://www.kb.cert.org/vuls/id/886083