Package : wu-ftpd
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0148 CAN-2004-0185
Two vulnerabilities were discovered in wu-ftpd:
CAN-2004-0148 - Glenn Stewart discovered that users could bypass the
directory access restrictions imposed by the restricted-gid option by
changing the permissions on their home directory. On a subsequent
login, when access to the user's home directory was denied, wu-ftpd
would fall back to the root directory.
CAN-2004-0185 - A buffer overflow existed in wu-ftpd's code which
deals with S/key authentication.
For the stable distribution (woody) these problems have been fixed in
version 2.6.2-3woody4.
For the unstable distribution (sid) these problems have been fixed in
version 2.6.2-17.1.
We recommend that you update your wu-ftpd package.
http://www.opennet.ru/base/linux/107885 ... 1.txt.html
думаю, те кому это относится поймут.