Mandrake Linux Security Advisory : wu-ftpd (MDKSA-2001:001-2)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing a security update.

Description :

WireX discovered a temporary file creation bug in the 2.6.1 release of
wu-ftpd. The problem exists in the privatepw helper program. As well,
Linux-Mandrake 7.2 users must update to this package as it fixes
security problems as discussed in the prior advisory, MDKSA-2000:014,
which had not been previously addressed for 7.2.

Update :

All of the updated packages for Linux Mandrake versions 6.0 through
7.1 and the packages for Corporate Server 1.0.1 installed the wrong
pam support file which prevented anyone from logging into the FTP
server.

Solution :

Update the affected wu-ftpd package.

Risk factor :

Low / CVSS Base Score : 1.2
(CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 61875 ()

Bugtraq ID:

CVE ID: CVE-2001-0138

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now