|
|
Multiple Vendor FTPD realpath Vulnerability
|
Bugtraq ID:
|
113
|
|
Class:
|
Boundary Condition Error
|
|
CVE:
|
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Feb 09 1999 12:00AM
|
|
Updated:
|
Feb 09 1999 12:00AM
|
|
Credit:
|
This vulnerability was first posted to the Bugtraq mailing list by Jordan Ritter of Netect on February 9/1999.
|
|
Vulnerable:
|
Washington University wu-ftpd 2.4.2 academ[BETA-18]
+
RedHat Linux 5.2 i386
Washington University wu-ftpd 2.4.2 (beta 18) VR9
Slackware Linux 3.6
Slackware Linux 3.5
Slackware Linux 3.4
SCO Unixware 7.0.1
SCO Unixware 7.0
SCO Open Server 5.0.5
SCO Open Server 5.0.4
SCO Open Server 5.0.3
SCO Open Server 5.0.2
SCO Open Server 5.0
RedHat wu-ftpd 2.4.2 b18-2
+
RedHat Linux 5.2 i386
RedHat Linux 5.1
-
Standard & Poors ComStock 4.2.4
RedHat Linux 5.0
ProFTPD Project ProFTPD 1.2 pre1
Debian Linux 2.0
Caldera OpenLinux 1.3
|
|
|
|
Not Vulnerable:
|
Washington University wu-ftpd 2.4.2 (beta 18) VR10
SCO Open Desktop 3.0
SCO CMW+ 3.0
RedHat wu-ftpd 2.4.2 b18-2.1
NcFTP Software NcFTPD 2.3.5
IBM AIX 4.3
IBM AIX 4.2.1
IBM AIX 4.2
IBM AIX 4.1.5
IBM AIX 4.1.4
IBM AIX 4.1.3
IBM AIX 4.1.2
IBM AIX 4.1.1
IBM AIX 4.1
HP HP-UX 11.0
HP HP-UX 10.20
HP HP-UX 10.9
HP HP-UX 10.8
Debian proftpd 1.2 pre1-2
BeroFTPD BeroFTPD 1.2
|
|
|
