Bug 17807 - some wu-ftpd syslog messages mis-formated
Summary: some wu-ftpd syslog messages mis-formated
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: wu-ftpd
Version: 6.1
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Bernhard Rosenkraenzer
QA Contact:
URL:
Whiteboard:
: 22745 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-09-24 04:28 UTC by Declan Mullen
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2001-03-16 12:18:04 UTC
Embargoed:


Attachments (Terms of Use)

Description Declan Mullen 2000-09-24 04:28:23 UTC
When an invalid attempt to login via wu-ftpd-2.6.0-1 is made, a mis-
formated line is written in /var/log/messages. Eg here are 4 lines, line 4 
is mis-formated:

    Sep 24 14:19:23 maisy ftpd[18136]: USER root
    Sep 24 14:19:25 maisy ftpd[18136]: PASS password
    Sep 24 14:19:25 maisy PAM_pwdb[18136]: authentication failure; (uid=0) 
-> root for ftp service 
    Sep 24 14:19:26 maisy ftpd: hpim3384.jadpace.com: connected: IDLE 
[18136]: failed login from hpim3384.jadpace.com [203.44.127.139]

The last line (timestamped "14:19:26") is mis-formated. It seems to have 
had "hpim3384.jadpace.com: connected: IDLE" inserted after "ftpd:" and 
before "[18136]:".

Any ideas ?

Comment 1 Bernhard Rosenkraenzer 2000-09-24 09:05:37 UTC
I've verified that this still happens with the current version and I'm
looking into it.
In the mean time, we urge you to update to 2.6.1 or higher as found on
updates.redhat.com, since the version you're using has some known
major security problems.

Comment 2 Declan Mullen 2000-09-24 11:28:43 UTC
Thanks for the suggestion. 

Is wu-ftpd-2.6.0-14.6x good enough to fix the security issue ? If it's not good 
enough could you please let me know and I'll load wu-ftpd-2_6_1-6_i386.rpm even 
though it will also require the instalation of xinetd, libresolv.so.2, and 
libc.so.6(GLIBC_2.2).



Comment 3 WU-FTPD Development Group 2001-03-12 21:39:35 UTC
PAM bug.

Only possible workarround in WU-FTPD is to use SPT_NONE if we're using PAM.

Close this ticket (there REALLY is nothing WU-FTPD can do about it).

Comment 4 Bernhard Rosenkraenzer 2001-03-16 12:17:56 UTC
*** Bug 22745 has been marked as a duplicate of this bug. ***


Note You need to log in before you can comment on or make changes to this bug.