Rapid7 Vulnerability & Exploit Database

RHSA-2003:084: Updated vsftpd packages re-enable tcp_wrappers support

Back to Search

RHSA-2003:084: Updated vsftpd packages re-enable tcp_wrappers support

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
04/11/2003
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

Updated vsftpd packages that re-enable tcp_wrappers support are available for Red Hat Linux 9.

In Red Hat Linux 9, the vsftpd FTP daemon switched from being run by xinetd to being run as a standalone service. In doing so, it was accidentally not compiled against tcp_wrappers. Users of vsftpd who make use of tcp_wrappers features are advised to upgrade to these errata packages. This issue only affects Red Hat Linux 9 boxed sets manufactured for distribution within the United States. The part numbers, which can be found on the bottom flap of the box, are RHF0120US and RHF0121US. Copies of Red Hat Linux 9 obtained through other means (such as from Red Hat Network, FTP, or international boxed sets) already contain the packages referenced by this erratum, and are not vulnerable to this issue.

Solution(s)

  • redhat-upgrade-vsftpd

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;