Mandrake Linux Security Advisory : wu-ftpd (MDKSA-2001:001-2)
Low Nessus Plugin ID 61875
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionWireX discovered a temporary file creation bug in the 2.6.1 release of wu-ftpd. The problem exists in the privatepw helper program. As well, Linux-Mandrake 7.2 users must update to this package as it fixes security problems as discussed in the prior advisory, MDKSA-2000:014, which had not been previously addressed for 7.2.
All of the updated packages for Linux Mandrake versions 6.0 through 7.1 and the packages for Corporate Server 1.0.1 installed the wrong pam support file which prevented anyone from logging into the FTP server.
SolutionUpdate the affected wu-ftpd package.