Message-Id: <200007101254.VAA02591@sta.att.ne.jp>
Date: Mon, 10 Jul 2000 21:55:37 +0900
From: "Iwakuni, Tomohiko" <iwac@sta.att.ne.jp>
To: doc-jp@jp.freebsd.org
In-Reply-To: <200007100346.e6A3k1n02013@koga.do.mms.mt.nec.co.jp>
References: <20000705230939.CF9F237BB66@hub.freebsd.org>
	<200007091525.AAA25085@sta.att.ne.jp>
	<200007091908.EAA06099@mail.geocities.co.jp>
	<200007100346.e6A3k1n02013@koga.do.mms.mt.nec.co.jp>
X-Sequence: doc-jp 7516
Subject: [doc-jp 7516] Re: ANNOUNCE: FreeBSD Ports Security Advisory: FreeBSD-SA-00:29.wu-ftpd


This is Iwakuni.

> Vendor status:  Contacted
> Vendor status (draft translation):   The problem has been reported to the vendor
>> I don't think it was the FreeBSD team that did the contacting...

I have changed it to "The vendor is already aware of it".

> Also, the "string-formatting operators" mentioned here are the formatting
> strings used by printf() and the like (for example "%s"). What is the
> JIS translation for that again?

So that is what it meant. I don't know about JIS, but the sed & awk green
book I have at hand calls them "format specifiers", so I went with
"string format specifiers".

I also added translator's notes.


The revised version follows.

 $B$3$N%a!<%k$O(B, announce-jp $B$KN.$l$?(B

  Subject: ANNOUNCE: FreeBSD Ports Security Advisory: FreeBSD-SA-00:29.wu-ftpd
  From: FreeBSD Security Advisories <security-advisories@freebsd.org>
  Message-Id: <20000705230939.CF9F237BB66@hub.freebsd.org>
  Date: Wed,  5 Jul 2000 16:09:39 -0700 (PDT)
  X-Sequence: announce-jp 469

 $B$rF|K\8lLu$7$?$b$N$G$9(B. 

 $B86J8$O(B PGP $B=pL>$5$l$F$$$^$9$,(B, $B$3$NF|K\8lLu$O(B PGP $B=pL>$5$l$F$$$^$;$s(B. 
 $B%Q%C%AEy$NFbMF$,2~cb$5$l$F$$$J$$$3$H$r3NG'$9$k$?$a$K(B PGP $B$N%A%'%C%/$r(B
 $B9T$J$&$K$O(B, $B86J8$r;2>H$7$F$/$@$5$$(B. 

 $BF|K\8lLu$O(B FreeBSD $BF|K\8l%I%-%e%a%s%F!<%7%g%s%W%m%8%'%/%H(B(doc-jp)$B$,;29M$N(B
 $B$?$a$KDs6!$9$k$b$N$G(B, doc-jp $B$O(B $B$=$NFbMF$K$D$$$F$$$+$J$kJ]>Z$b$$$?$7$^$;$s(B.
 $BF|K\8lLu$K$D$$$F$N$*Ld$$9g$o$;$O(B doc-jp@jp.FreeBSD.org $B$^$G$*4j$$$7$^$9(B.

--($B$3$3$+$i(B)
=============================================================================
FreeBSD-SA-00:29                                           Security Advisory
                                                                FreeBSD, Inc.

$B%H%T%C%/(B:       wu-ftpd port contains remote root compromise

$BJ,N`(B: 	      ports
$B%b%8%e!<%k(B:     wu-ftpd
$B9pCNF|(B:    $B!!!!(B 2000-07-05
$B%/%l%8%C%H(B:     tf8 <tf8@ZOLO.FREELSD.NET>
$B1F6AHO0O(B:       Ports collection
$B=$@5F|(B:         2000-06-24
$B%Y%s%@$NBP1~(B:   $B%Y%s%@$O<~CN:Q$_(B
FreeBSD $B$K8GM-$+(B:   NO 

I.   $BGX7J(B - Background

 wu-ftpd$B$O?M5$$N$"$k(BFTP$B%5!<%P%W%m%0%i%`$G$9(B.
 
I.  $BLdBj$N>\:Y(B - Problem Description

wu-ftpd $B$N(B port ($B%P!<%8%g%s(B 2.6.0 $B$*$h$S$=$l0JA0$N$b$N(B) $B$K$O(B,
$B%j%b!<%H$N(B anonymous FTP $B%f!<%6$,%m!<%+%k%^%7%s>e$N(B root $B8"8B$GG$0U(B
$B$N%3!<%I$r<B9T$G$-$k$H$$$&%;%-%e%j%F%#>e$N<eE@$,$"$j$^$9(B($BLuCm(B:
anonymous $B$K8B$i$:!"%m%0%$%s2DG=$J%f!<%6$J$iC/$G$b!"$=$N<eE@$r$D$/(B
$B;v$,2DG=$G$9(B).
$B%3!<%I$N<B9T$O(B, $B%3%^%s%IF~NO$K(B FTP $B%5!<%P$,@5$7$/2r@O$G$-$J$$$h$&$J(B
$BJ8;zNs$N%U%)!<%^%C%H;XDj;R$rF~$l$k$3$H$G2DG=$H$J$j$^$9(B.
 
wu-ftpd $B$N(B port $B$O%G%U%)%k%H$G%$%s%9%H!<%k$5$l$^$;$s(B,$B$^$?$=$l$O(B
FreeBSD $B$N0lIt$r9=@.$9$k$b$N$G$b$"$j$^$;$s(B.$B$=$l$O(B,3400$B$r1[$($k%5!<%I(B
$B%Q!<%F%#@=%"%W%j%1!<%7%g%s$,$9$0$K%$%s%9%H!<%k$G$-$k7A$G<}$a$i$l$F$$(B
$B$k(B FreeBSD ports collection $B$N0lIt$G$9(B.$B$3$NLdBj$,H/3P$7$?$N$,%j%j!<%9(B
$B$h$j8e$J$N$G(B,FreeBSD 3.5 $B$H(B 4.0 $B$K<}$a$i$l$F$$$k(B ports collection $B$O(B
$B$3$NLdBj$r4^$s$G$$$^$9(B.
 
FreeBSD $B$G$O(B, $B$3$N$h$&$J%5!<%I%Q!<%F%#@=%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#(B
$BLdBj$KBP$7$F(B, $BFC$K2?$+$r<gD%$9$k$3$H$O$"$j$^$;$s(B($BLuCm(B: Ports Collection
$B$KF~$C$F$$$k$+$i$H$$$C$F(B, FreeBSD $B$N3+H/<T$?$A$,$=$N%"%W%j%1!<%7%g%s(B
$B$,0BA4$G$"$k$HI>2A$7$?$o$1$G$O$"$j$^$;$s(B). $B$?$@$7(B, $B%;%-%e%j%F%#LdBj(B
$B$KBP$7$FBg$-$J1F6A$r;}$D$h$&$J(B ports $B$KBP$9$k%;%-%e%j%F%#4F::$rDs6!$9(B
$B$Y$/(B,$B8=:_EXNOCf$G$9(B. 


III. $B1F6AHO0O(B - Impact

$B%j%b!<%H$N(B anonymous FTP $B%f!<%6$,%m!<%+%k%^%7%s>e$N(B root $B8"8B$GG$0U$N(B
$B%3%^%s%I$r<B9T$9$k$3$H$,2DG=$G$9(B.
($BLuCm(B: anonymous $B$K8B$i$:!"%m%0%$%s2DG=$J%f!<%6$J$iC/$G$b!"$=$N<B9T$,(B
$B2DG=$G$9(B).

$B$b$7(B wu-ftpd $B$N(B port/package $B$r%$%s%9%H!<%k$7$F$$$J$1$l$P(B,$B$3$NLdBj$K4X(B
$B$9$k%;%-%e%j%F%#>e$N<eE@$OB8:_$7$^$;$s(B.

IV.  $BBP1~:v(B - Workaround

wu-ftpd $B$N(B port/package $B$,%$%s%9%H!<%k$5$l$F$$$k>l9g$K$O(B,$B$=$l$r:o=|$7$^$9(B.

V.   $B=$@5=hCV(B - Solution

$B<!$N$&$A$$$:$l$+$r9T$$$^$9(B:
 
1)ports collection $BA4BN$r%"%C%W%0%l!<%I$7(B, wu-ftpd port $B$r:F9=C[$7$^$9(B.

2) $B8E$$(B package $B$r:o=|$7(B,$B=$@5F|8e$K$G$??7$7$$(B package $B$r%$%s%9%H!<%k(B
$B$7$^$9(B,$B?7$7$$(B package $B$O0J2<$N%5%$%H$+$iF~<j$9$k;v$,$G$-$^$9(B:
 
 ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/ftp/wu-ftpd-2.6.0.tar.gz
 ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/ftp/wu-ftpd-2.6.0.tar.gz
 ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-4-stable/ftp/wu-ftpd-2.6.0.tar.gz
 ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/ftp/wu-ftpd-2.6.0.tar.gz
 ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/alpha/packages-5-current/ftp/wu-ftpd-2.6.0.tar.gz

$BCm0U(B: $B%"%C%W%G!<%H$5$l$?(B packages $B$,F~<j2DG=$K$J$k$^$G?tF|$+$+$k$+$b$7(B
$B$l$^$;$s(B.$B%=%U%H%&%'%"$N%P!<%8%g%sHV9f$OJQ$o$C$F$$$J$$$N$G(B, package 
$B%U%!%$%k$N:n@.F|$K5$$r$D$1$F$/$@$5$$(B.

3) $B<!$N%5%$%H$+$i(B wu-ftpd port $B$N?7$7$$(B port $B%9%1%k%H%s$r%@%&%s%m!<%I(B
$B$7$^$9(B:

 http://www.freebsd.org/ports/

$B$=$7$F!"$=$N%9%1%k%H%s$rMQ$$$F(B port $B$r:F9=C[$7$^$9(B.
 
4) $B>e5-$N(B3)$B$r<+F0E*$K9T$&(B portcheckout $B%f!<%F%#%j%F%#$rMxMQ$7$^$9(B. 
portcheckout port $B$O(B/usr/ports/devel/portcheckout $B$h$jF~<j$G$-$^$9(B.
$B$b$7$/$O(B package $B$,<!$N%5%$%H$+$iF~<j$G$-$^$9(B:

ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/devel/portcheckout-1.0.tgz

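The problem description in the advisory above is a format string bug: text received from the client reaches a printf-style function as the format argument instead of as data. The following C is an added illustration for this list post, not code from the advisory or from wu-ftpd; the function names, the REPLY_LEN buffer size and the sample inputs are all constructed for the example. It shows the vulnerable pattern next to its hardened form, and a small directive counter of the kind a defender can run over logged FTP command lines to flag inputs that carry conversion directives, which ordinary FTP commands never need.

```c
#include <stdio.h>
#include <string.h>

/* Constructed size for the reply buffer; any server line length would do. */
#define REPLY_LEN 128

/* Vulnerable pattern (hypothetical, not wu-ftpd's code): the text received
 * from the client is handed to snprintf() as the *format* string, so any
 * conversion directive inside it is interpreted instead of copied.
 * gcc and clang report this call under -Wformat-security; that warning is
 * the cheapest detection for this bug class in a code base. */
int reply_unsafe(char *out, size_t outlen, const char *from_client)
{
    return snprintf(out, outlen, from_client);
}

/* Hardened form: the client text is only ever an argument to the literal
 * "%s" format, so its contents are copied verbatim and never interpreted. */
int reply_safe(char *out, size_t outlen, const char *from_client)
{
    return snprintf(out, outlen, "%s", from_client);
}

/* Count printf-style conversion directives in untrusted input, treating the
 * "%%" escape as a literal percent sign. A positive count in a logged FTP
 * command line is a useful audit signal even on a patched server. */
int count_format_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {      /* "%%" is a literal percent sign */
            s++;
            continue;
        }
        n++;                    /* every other '%' starts a directive */
    }
    return n;
}

int main(void)
{
    char out[REPLY_LEN];
    const char *benign = "100%% done";      /* constructed client text */

    /* Only a harmless "%%" is used here; the point is that the unsafe
     * version interprets the text while the safe one copies it. */
    reply_unsafe(out, sizeof out, benign);
    printf("unsafe: %s\n", out);            /* prints "unsafe: 100% done" */
    reply_safe(out, sizeof out, benign);
    printf("safe:   %s\n", out);            /* prints "safe:   100%% done" */

    /* Constructed log line of a command carrying three directives. */
    printf("directives in \"SITE %%s%%s%%n\": %d\n",
           count_format_directives("SITE %s%s%n"));
    return 0;
}
```

Compile with `cc -Wall -Wformat-security` to see the warning on reply_unsafe; a build that enables that flag, or a grep of the source tree for non-literal format arguments, is the code-side check that complements removing or updating the port as the advisory describes.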