TNFTPD Multiple Signal Handler Remote Superuser Compromise Vulnerabilities

Bugtraq ID: 10967
Class: Race Condition Error
CVE: CVE-2004-0794
Remote: Yes
Local: No
Published: Aug 17 2004 12:00AM
Updated: Jul 12 2009 06:16AM
Credit: Przemyslaw Frasunek disclosed these vulnerabilities.
Vulnerable: Sun Java Desktop System (JDS) 2.0
Sun Java Desktop System (JDS) 2003
NetBSD NetBSD 2.0
NetBSD NetBSD 1.6.2
NetBSD NetBSD 1.6.1
NetBSD NetBSD 1.6 beta
NetBSD NetBSD 1.6
NetBSD NetBSD 1.5.3
NetBSD NetBSD 1.5.2
NetBSD NetBSD 1.5.1
NetBSD NetBSD 1.5 x86
NetBSD NetBSD 1.5 sh3
NetBSD NetBSD 1.5
NetBSD NetBSD 1.4.3
NetBSD NetBSD 1.4.2 x86
NetBSD NetBSD 1.4.2 SPARC
NetBSD NetBSD 1.4.2 arm32
NetBSD NetBSD 1.4.2 Alpha
NetBSD NetBSD 1.4.2
NetBSD NetBSD 1.4.1 x86
NetBSD NetBSD 1.4.1 SPARC
NetBSD NetBSD 1.4.1 sh3
NetBSD NetBSD 1.4.1 arm32
NetBSD NetBSD 1.4.1 Alpha
NetBSD NetBSD 1.4.1
NetBSD NetBSD 1.4 x86
NetBSD NetBSD 1.4 SPARC
NetBSD NetBSD 1.4 arm32
NetBSD NetBSD 1.4 Alpha
NetBSD NetBSD 1.4
NetBSD NetBSD 1.3.3
NetBSD NetBSD 1.3.2
NetBSD NetBSD 1.3.1
NetBSD NetBSD 1.3
NetBSD NetBSD Current
Luke Mewburn TNFTPD 20031217
Luke Mewburn lukemftp 1.5
+ S.u.S.E. Firewall Adminhost VPN
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 6.4
+ S.u.S.E. Linux Admin-CD for Firewall
+ S.u.S.E. Linux Connectivity Server
+ S.u.S.E. Linux Database Server 0
 + S.u.S.E. Linux Enterprise Server for S/390
+ S.u.S.E. Linux Live-CD for Firewall
+ S.u.S.E. SuSE eMail Server III
+ SuSE SUSE Linux Enterprise Server 7
 Luke Mewburn lukemftp 1.1
Heimdal Heimdal 0.6.2
- Ubuntu Ubuntu Linux 4.1 ppc
 - Ubuntu Ubuntu Linux 4.1 ia64
 - Ubuntu Ubuntu Linux 4.1 ia32
 Heimdal Heimdal 0.6.1
Heimdal Heimdal 0.6
Heimdal Heimdal 0.5.3
Heimdal Heimdal 0.5.2
Heimdal Heimdal 0.5.1
Heimdal Heimdal 0.5 .0
Heimdal Heimdal 0.4 e
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0
Heimdal Heimdal 0.4 d
Heimdal Heimdal 0.4 c
Heimdal Heimdal 0.4 b
Heimdal Heimdal 0.4 a
Heimdal Heimdal 0.3 f
Gentoo Linux 1.4
Apple Mac OS X Server 10.3.5
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.2.8
Apple Mac OS X 10.3.5
Apple Mac OS X 10.3.4
Apple Mac OS X 10.2.8
Not Vulnerable: Luke Mewburn TNFTPD 20040810
Heimdal Heimdal 0.6.3
+ Gentoo Linux
+ Gentoo Linux
- Ubuntu Ubuntu Linux 5.10 powerpc
 - Ubuntu Ubuntu Linux 5.10 i386
 - Ubuntu Ubuntu Linux 5.10 amd64
 - Ubuntu Ubuntu Linux 5.0 4 powerpc
 - Ubuntu Ubuntu Linux 5.0 4 i386
 - Ubuntu Ubuntu Linux 5.0 4 amd64


 

Privacy Statement
Copyright 2010, SecurityFocus