Bug 58454

Summary: Bad: security hole in version 2.6.1-16
Product: [Retired] Red Hat Linux Reporter: Need Real Name <jsweeney>
Component: wu-ftpdAssignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED ERRATA QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: high    
Version: 7.1Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-01-17 01:28:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Need Real Name 2002-01-17 01:28:31 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2.1) Gecko/20010901

Description of problem:
My server (www.sjsocial.org) was hacked by someone who I am pretty sure entred
via wu-ftpd. I don't know how. I had the recommended version installed. 

Version-Release number of selected component (if applicable):


How reproducible:
Didn't try


Additional info:

I can't really offer much more information. When I discovered the hack I had to
reinsure the machine's integrity since the hacker changed basic binaries like
'ls' and created many entried in '/dev' so I have reformatted the disc in order
not to be off the air too long.
The source machine for the hack was in Germany, its ip started with:
141.35.
Comment 1 Bernhard Rosenkraenzer 2002-01-17 11:45:40 UTC 
Please update to 2.6.1-20.
Comment 2 Need Real Name 2002-01-17 16:50:24 UTC 
Unfortunately, the update provided on the errata pages, to close security holes
is version 2.6.1-16 implying that it is secure when obviously it isn't. The
errata pages should be updated to version 2.6.1-20, shouldn't they?