{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P>Linux</P>  <UL>    <LI>Mandrake 6.0, 6.1, 7.0, 7.1, 7.2 ;</LI>    <LI>Debian ;</LI>    <LI>Toute autre version sur laquelle a \u00e9t\u00e9 install\u00e9e Wu-FTPd    ;</LI>  </UL>","content":"## Description\n\nPlusieurs mises \u00e0 jours successives de Wu-FTPd ont \u00e9t\u00e9 publi\u00e9es par\nMandrake suite \u00e0 une vuln\u00e9rabilit\u00e9 dans la gestion de fichiers\ntemporaires.\n\nUn correctif de la vuln\u00e9rabilit\u00e9 concernant l'utilisation de fichiers\ntemporaires de fa\u00e7on non s\u00fbre, a aussi \u00e9t\u00e9 d\u00e9velopp\u00e9 par Debian.\n\nD'autres syst\u00e8mes peuvent \u00eatre touch\u00e9s.\n\nLe site Wu-FTPd :\n\n    http://www.wu-ftpd.org/\n\nn'a pas encore publi\u00e9 d'avis, ou de mise \u00e0 jour, mais il fautrester\nvigilant.\n\n## Solution\n\nAppliquer les correctifs publi\u00e9s par les \u00e9diteurs :\n\n-   Pour Linux Mandrake aller sur le site suivant pour choisir un site\n    miroir de t\u00e9l\u00e9chargement :\n\n        http://www.linux-mandrake.com/en/ftp.php3\n\n    Puis, ajoutez la fin de l'adresse du site de t\u00e9l\u00e9chargement en\n    fonction du fichier \u00e0 t\u00e9l\u00e9charger :\n\n    -   Linux-Mandrake 6.0:\n        -   6.0/RPMS/wu-ftpd-2.6.1-8.4mdk.i586.rpm\n        -   6.0/SRPMS/wu-ftpd-2.6.1-8.4mdk.src.rpm\n    -   Linux-Mandrake 6.1:\n        -   6.1/RPMS/wu-ftpd-2.6.1-8.4mdk.i586.rpm\n        -   6.1/SRPMS/wu-ftpd-2.6.1-8.4mdk.src.rpm\n    -   Linux-Mandrake 7.0:\n        -   7.0/RPMS/wu-ftpd-2.6.1-8.4mdk.i586.rpm\n        -   7.0/SRPMS/wu-ftpd-2.6.1-8.4mdk.src.rpm\n    -   Linux-Mandrake 7.1:\n        -   7.1/RPMS/wu-ftpd-2.6.1-8.4mdk.i586.rpm\n        -   7.1/SRPMS/wu-ftpd-2.6.1-8.4mdk.src.rpm\n    -   Linux-Mandrake 7.2:\n        -   7.2/RPMS/wu-ftpd-2.6.1-8.3mdk.i586.rpm\n        -   7.2/SRPMS/wu-ftpd-2.6.1-8.3mdk.src.rpm\n    -   Corporate Server 1.0.1:\n        -   1.0.1/RPMS/wu-ftpd-2.6.1-8.4mdk.i586.rpm\n        -   1.0.1/SRPMS/wu-ftpd-2.6.1-8.4mdk.src.rpm\n\n-   Debian 2.2 (potato)\n    -   Sources :\n\n            http://security.debian.org/dists/stable/updates/main/source/wu-ftpd_2.6.0.orig.tar.gz\n\n            http://security.debian.org/dists/stable/updates/main/source/wu-ftpd_2.6.0-5.2.dsc\n\n            http://security.debian.org/dists/stable/updates/main/source/wu-ftpd_2.6.0-5.2.diff.gz\n\n    -   alpha:\n\n            http://security.debian.org/dists/stable/updates/main/binary-alpha/wu-ftpd_2.6.0-5.2_alpha.deb\n\n    -   arm:\n\n            http://security.debian.org/dists/stable/updates/main/binary-arm/wu-ftpd_2.6.0-5.2_arm.deb\n\n    -   i386:\n\n            http://security.debian.org/dists/stable/updates/main/binary-i386/wu-ftpd_2.6.0-5.2_i386.deb\n\n    -   m68k:\n\n            http://security.debian.org/dists/stable/updates/main/binary-m68k/wu-ftpd_2.6.0-5.2_m68k.deb\n\n    -   powerpc:\n\n            http://security.debian.org/dists/stable/updates/main/binary-powerpc/wu-ftpd_2.6.0-5.2_powerpc.deb\n\n    -   sparc:\n\n            http://security.debian.org/dists/stable/updates/main/binary-sparc/wu-ftpd_2.6.0-5.2_sparc.deb\n","cves":[],"links":[{"title":"Bulletins de s\u00e9curit\u00e9 :","url":"http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-001.php3?dis=7.2"}],"reference":"CERTA-2001-AVI-007","revisions":[{"description":"version initiale.","revision_date":"2001-01-24T00:00:00.000000"}],"risks":[{"description":"Destruction de syst\u00e8me"},{"description":"D\u00e9ni de service"},{"description":"D\u00e9t\u00e9rioration de configuration"}],"summary":"Des mises \u00e0 jour corrigeant des vuln\u00e9rabilit\u00e9s de Wu-FTPd ont \u00e9t\u00e9\nd\u00e9velopp\u00e9es par diff\u00e9rents \u00e9diteurs de Linux.\n","title":"Mise \u00e0 jour de Wu-FTPd","vendor_advisories":[{"published_at":null,"title":"Avis de S\u00e9curit\u00e9 Debian et Mandrake","url":null}]}