December 2nd, 2001 09:06 AM
Serious Remote Hole in...
Greetings everyone. This article grabed my attention also so I decided to share it with all of you. It's another exempt from one of my favorite security sites:
Hideaway.net reports that a serious remote hole ihas been discovered in Wu-FTPd.
...A buffer overflow that can yield remote root compromise has been discovered in the wu-ftpd FTP server common among most Linux distributions. Vendors had been alerted of the hole earlier this month, and were cooperating to simultaneously release a patch December 3. But as CNET reports, Red Hat accidentally issued its alert to Bugtraq today, forcing other Linux companies to scramble and finish developing their patches. The Hideaway.Net Security Monitor has been updated with access details and all currently available patches - as of now, only Caldera, SuSE, and of course Red Hat have issued advisories.
Hope you fount this to be as informative as i did...
Have A Nice Day,
December 3rd, 2001 05:48 AM
The Good part is that this will be patched very soon if it has not been already. The Bad part is that these things happen to such a great OS like Linux with such potential. If you are running a desktop/workstation you should not be making any remote services available anyway (be sure and check if you are). If you are running a server or are considering it go with OpenBSD, they just released 3.0, and OpenBSD has not had a remote exploit for going on 4 years with the default install.