From: pollux <po...@wz...> - 2004-10-28 12:52:49
Date: 28/10/2004
Topic: multiple vulnerabilities in wzdftpd 0.4.2
Systems affected: wzdftpd 0.4.0, 0.4.1 and 0.4.2
                  wzdftpd-cvs: source prior to October 20, 2004
Platforms: all
Severity: medium to high
Fixed: wzdftpd 0.4.3
       wzdftpd-cvs: October 20, 2004

Description:
Several different vulnerabilities have been identified in wzdftpd
0.4.2, many of which can lead to a crash or a DoS.
* The maximum number of users is not checked correctly when adding users,
  causing the server to corrupt group definitions.
* Ident connections were not closed in all cases when many connections
  happened in a very short amount of time, causing a file descriptor
  leak, and leading to a remote DoS in some cases.
* Files with spaces were not handled correctly if using ACLs but no
  generic mode (chmod), causing corruption of .dirinfo.

Impact:
A remote attacker can cause the server to crash or cause a
denial-of-service situation.
Other problems can lead to file corruption.

Solution:
Upgrade to version 0.4.3, available here:
https://sourceforge.net/project/showfiles.php?group_id=78247&package_id=79308&release_id=263573

The wzdftpd team.