From owner-doc-jp@jp.freebsd.org  Mon Jul 10 04:08:35 2000
Message-Id: <200007091908.EAA06099@mail.geocities.co.jp>
To: doc-jp@jp.freebsd.org
In-Reply-To: <200007091525.AAA25085@sta.att.ne.jp>
References: <20000705230939.CF9F237BB66@hub.freebsd.org>
	<200007091525.AAA25085@sta.att.ne.jp>
X-Mailer: Mew version 1.94.1 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Mon, 10 Jul 2000 03:20:09 +0900
From: Hiroki Sato <hrs@geocities.co.jp>
X-Dispatcher: imput version 990905(IM130)
Lines: 67
Reply-To: doc-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: doc-jp 7513
Subject: [doc-jp 7513] Re: ANNOUNCE: FreeBSD Ports Security Advisory:
 FreeBSD-SA-00:29.wu-ftpd
Errors-To: owner-doc-jp@jp.freebsd.org
Sender: owner-doc-jp@jp.freebsd.org
X-Originator: hrs@geocities.co.jp

This is Sato at Tokyo University of Science.

"Iwakuni, Tomohiko" <iwac@sta.att.ne.jp> wrote
 in <200007091525.AAA25085@sta.att.ne.jp>:

> Good evening, this is Iwakuni.
> 
> I have tried translating it. Thank you in advance.

 Thank you for your work on this.

> > The wu-ftpd port, versions 2.6.0 and below, contains a vulnerability
> > which allows remote anonymous FTP users to execute arbitrary code as
> > root on the local machine, by inserting string-formatting operators
> > into command input, which are incorrectly parsed by the FTP server.
> 
> wu-ftpd$B$N(Bport($B%P!<%8%g%s(B2.6.0$B$*$h$S$=$l0J2<(B)$B$O%;%-%e%j%F%#>e$N<eE@(B
> $B$,$"$j$^$9(B.$BJ8;zNs7A<0$N%*%Z%l!<%?$r%3%^%s%IF~NO$KA^F~$9$k;v$K$h$C$F(B
> ,FTP$B%5!<%P$O4V0c$C$?%Q!<%9$r$7$^$9(B.$B$=$N$3$H$K$h$j(B,$B%j%b!<%H$NF?L>(BFTP
> $B%f!<%6$O(B,$B%k!<%H8"8B$H$7$F$=$N%m!<%+%k%^%7%s>e$GG$0U$N%3!<%I$,<B9T$G(B
> $B$-$k$h$&$K$J$j$^$9(B.

 |wu-ftpd $B$N(B port ($B%P!<%8%g%s(B 2.6.0 $B$*$h$S$=$l0JA0$N$b$N(B) $B$K$O(B,
 |$B%j%b!<%H$N(B anonymous FTP $B%f!<%6$,%m!<%+%k%^%7%s>e$N(B root $B8"8B$G(B
 |$BG$0U$N%3!<%I$r<B9T$G$-$k$H$$$&%;%-%e%j%F%#>e$N<eE@$,$"$j$^$9(B.
 |$B%3!<%I$N<B9T$O(B, $B%3%^%s%IF~NO$K(B FTP $B%5!<%P$,@5$7$/2r@O$G$-$J$$$h$&$J(B
 |$BJ8;zNs7A<0$N1i;;;R$rF~$l$k$3$H$G2DG=$H$J$j$^$9(B.

 I do not know what string-formatting operators actually are,
 so my translation of that part is a rough guess.
 "匿名 FTP" (for "anonymous FTP") is a bit questionable, I suppose...

> > Remote anonymous FTP users can cause arbitrary commands to be executed
> > as root on the local machine.
> 
> Remote anonymous [匿名] FTP users can execute arbitrary commands on the
> local machine as root [ルート] privilege.

 |Remote anonymous FTP users can execute arbitrary commands with root
 |privileges on the local machine.

> 2) Remove the old package [パッケージ] and install a new package [パッケージ]
> released after the correction date. New packages can be obtained from the following sites:
(snip)
> $BCm0U(B: $B%"%C%W%G!<%H$5$l$?(Bpackages$B$,F~<j2DG=$K$J$k$^$G?tF|$+$+$k$+$b$7$l(B
> $B$^$;$s(B.$B%=%U%H%&%'%"$N%P!<%8%g%sHV9f$OJQ$o$C$F$$$J$$$N$G(B,$B%Q%C%1!<%8$N%U(B
> $B%!%$%k$N:n@.F|$K5$$r$D$1$F$/$@$5$$(B.
(snip)
> Then rebuild the port [ポート] using that skeleton.

 Please unify the "ポート" and "パッケージ" around here
 as "port" and "package" respectively.
 It has not been written up as a document yet, but the guidelines are roughly:

  o FreeBSD Ports Collection is treated as a proper noun.
  o Distinguish "パッケージ" from the FreeBSD "package".
    (The former is used when referring to package systems in general.)
  o Singular and plural usage follows the English.

 That is about it.

--
| $B:4F#(B $B9-@8!wEl5~M}2JBg3X(B <hrs@geocities.co.jp>
|
|                                     j7397067@ed.noda.sut.ac.jp(UNIV)
|                                sato@sekine00.ee.noda.sut.ac.jp(UNIV)
|                                     hrs@FreeBSD.org(FreeBSD Project)
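
The "string-formatting operators" in the advisory text quoted above are printf-style conversion specifiers. The C sketch below is an added illustration, not part of the original message and not wu-ftpd source: it shows the general bug class (input used as the format string) beside the hardened form, plus a simple input check. All function names and the sample input are constructed assumptions.

```c
#include <stdio.h>
#include <string.h>
/* Added example: function names and sample input are constructed. */

/* Vulnerable pattern: client text is passed AS the format string, so any
 * printf operators inside it are interpreted instead of copied. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
int reply_vulnerable(char *out, size_t n, const char *client_text)
{
    return snprintf(out, n, client_text);
}
#pragma GCC diagnostic pop

/* Hardened pattern: constant format string, client text is data only. */
int reply_hardened(char *out, size_t n, const char *client_text)
{
    return snprintf(out, n, "%s", client_text);
}

/* Heuristic input check: count '%' operators other than the literal "%%". */
int count_format_operators(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {   /* "%%" prints one '%', takes no argument */
            s++;
            continue;
        }
        count++;
    }
    return count;
}

int main(void)
{
    /* "%%" consumes no argument, so this input is safe to run. */
    const char *input = "quota at 100%% for user";
    char a[64], b[64];
    reply_vulnerable(a, sizeof a, input);
    reply_hardened(b, sizeof b, input);
    printf("vulnerable: %s\nhardened:   %s\n", a, b);
    printf("operators in \"%%x %%s\": %d\n", count_format_operators("%x %s"));
    return 0;
}
```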
