From owner-doc-jp@jp.freebsd.org  Fri Sep 17 10:20:28 1999
Message-Id: <199909170120.KAA00853@kid.micon.co.jp>
To: doc-jp@FreeBSD.or.jp
X-Mailer: Mew version 1.69 on Emacs 19.28.1 / Mule 2.3
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Fri, 17 Sep 1999 10:20:24 +0900
From: Atushi Sakauchi <sakauchi@micon.co.jp>
Reply-To: doc-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990727
X-Sequence: doc-jp 6670
Subject: [doc-jp 6670] FreeBSD-SA-99:03.ftpd REISSUED
Errors-To: owner-doc-jp@jp.freebsd.org
Sender: owner-doc-jp@jp.freebsd.org
X-Originator: sakauchi@micon.co.jp

$B:dFb$G$9!#(B

announce-jp $B$KN.$l$?%a!<%k$rLu$7$F$_$^$7$?!#(B
$B::FI$*4j$$$7$^$9!#(B

--
  This mail is a Japanese translation of the following message, which went
out on announce-jp:

Subject: ANNOUNCE: FreeBSD Security Advisory: FreeBSD-SA-99:03.ftpd REISSUED
From: FreeBSD Security Officer <security-officer@freebsd.org>
Date: Wed, 15 Sep 1999 21:46:28 -0600 (MDT)
Message-Id: <199909160346.VAA18397@harmony.village.org>

  The original is PGP-signed, but this Japanese translation is not.
To run a PGP check confirming that the patches and other content have not
been tampered with, please refer to the original.
  The Japanese translation is provided for reference by the FreeBSD Japanese
Documentation Project (doc-jp); the translators and doc-jp make no guarantee
whatsoever about its content.
  Please direct inquiries about the Japanese translation to
doc-jp@jp.freebsd.org.
                                         Translation: Atushi Sakauchi <sakauchi@micon.co.jp>
=============================================================================
FreeBSD-SA-99:03                                            Security Advisory
                                                                FreeBSD, Inc.

$B%H%T%C%/(B:             Three ftp daemons in ports vulnerable to attack.

$B%+%F%4%j!<(B:           ports
$B%b%8%e!<%k(B:           wu-ftpd and proftpd
$B9pCNF|(B:               1999-09-05
$B:FH/9TF|(B:	      1999-09-15
$B1F6ABP>](B:             FreeBSD 3.2 ($B$*$h$S(B 3.2 $B0JA0$N%P!<%8%g%s(B)
		      $B=$@5$5$l$k0JA0$N(B FreeBSD-current $B$H(B-stable
$B=$@5:Q(B:               FreeBSD-3.3 RELEASE ($BLuCm(B: $BM=Dj(B)
		      wuftpd $B$K$D$$$F$O(B 1999$BG/(B8$B7n(B30$BF|0J9_$N(B FreeBSD
		      ($BCm(B: $BA4$F$N(B FreeBSD $B%V%i%s%A$O!"C10l$N(B Ports Tree $B$r(B
		      $B;HMQ$7$F$$$k$N$G(B, -stable$B$N%f!<%6$K$b1F6A$,$"$j$^$9(B)

FreeBSD $B$@$1$NLdBj$+(B: $BH](B
Bugtraq $B$N(B Id:	      protpd: 612

$B%Q%C%A(B:               $B$J$7(B

I.   $BGX7J(B

wuftpd, beroftpd and proftpd are all optional portions of the system
designed to replace the stock ftpd on a FreeBSD system.  They are
written and maintained by third parties and are included in the
FreeBSD ports collection.

II.  $B2r@b(B

There are different security problems which can lead to remote root
access in these ports or packages.

The standard ftp daemon which ships with FreeBSD is not impacted by
either of these problems.

III. $B1F6A(B

Remote users can gain root.

IV.  $BBP1~:v(B

Disable the ftp daemon until you can upgrade your system, or use the
stock ftpd that comes with FreeBSD.

V. $B2r7h:v(B

Upgrade your wu-ftpd port to the version in the cvs repository after
August 30, 1999.  If you are not using the wu-ftpd port, then you
should visit their web site and follow instructions there to patch
your existing version.

beroftpd, which was listed in the original wu-ftpd group's advisory as
having a similar problem, has not been corrected as of September 15,
1999.  It will not be in the 3.3 release.  The port has been marked
forbidden and will remain so until the security problems have been
corrected.  If you are running beroftpd you are encouraged to find if
patches are available for it which correct these problems before
enabling it on your system.

proftpd, which had different security problems, has not been updated
to a safe version as of September 15, 1999.  It will not be in the 3.3
release.  The port has been marked forbidden and will remain so until
the security problems have been corrected.  If you are running proftpd,
you are encouraged to find out if there are patches which correct these
problems before reenabling it on your system.

The previous advisory suggested that any FreeBSD ports version of
proftpd after August 30 had the security problems corrected.  This has
proven to not be the case and was the primary reason for reissuing
this advisory.  While reissuing the advisory, we added beroftpd since
it shares a code history with wu-ftpd.  The original advisory
mistakenly asserted that proftpd also shared a code history with
wuftpd, which is not the case.

VI.  Credits and Pointers

The wu-ftpd advisory can be found at
	ftp://ftp.wu-ftpd.org/pub/wu-ftpd/2.5.0.Security.Update.asc

=============================================================================
FreeBSD, Inc.

Web Site:                       http://www.freebsd.org/
Confidential contacts:          security-officer@freebsd.org
Security notifications:         security-notifications@freebsd.org
Security public discussion:     freebsd-security@freebsd.org
PGP Key:                ftp://ftp.freebsd.org/pub/FreeBSD/CERT/public_key.asc

Notice: Any patches in this document may not apply cleanly due to
        modifications caused by digital signature or mailer software.
        Please reference the URL listed at the top of this document
        for original copies of all patches if necessary.
=============================================================================
