Re: RedHat: Buffer Overflow in "ls" and "mkdir"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



wats interesting is that this seems to be a modified version of the original mail that was sent out by a person at stanford university
http://www.linux.ie/pipermail/ilug/2004-October/019483.html

this one seems to have come from utah university

Regards,
Bijoy.


----- Original Message -----
From: Athul Acharya <aacharya@xxxxxxxxx>
Date: Sunday, October 24, 2004 7:54 pm
Subject: Re: RedHat: Buffer Overflow in "ls" and "mkdir"

> Just incase anyone was under the misimpression that this is for real,
> it's not; I see no record of this vuln. elsewhere and whois records
> show no affiliation between fedora-redhat.com and redhat.com.  Looks
> like the Linux equivalent of all those fake MS security warnings.
> 
> Athul
> 
> On Sun, 24 Oct 2004 17:16:21 -0500, RedHat Security Team
> <security@xxxxxxxxxx> wrote:
> > 
> > 
> >  
> > 
> >  
> > 
> >  Original issue date: October 20, 2004
> >  Last revised: October 20, 2004
> >  Source: RedHat 
> > 
> > A complete revision history is at the end of this file. 
> > 
> > Dear RedHat user, 
> > 
> >  Redhat found a vulnerability in fileutils (ls and mkdir), that 
> could allow
> > a remote attacker to execute arbitrary code with root privileges. 
> Some of
> > the affected linux distributions include RedHat 7.2, RedHat 7.3, 
> RedHat 8.0,
> > RedHat 9.0, Fedora CORE 1, Fedora CORE 2 and not only. It is 
> known that *BSD
> > and Solaris platforms are NOT affected. 
> > 
> > The RedHat Security Team strongly advises you to immediately 
> apply the
> >  fileutils-1.0.6 patch. This is a critical-critical update that 
> you must
> > make by following these steps: 
> > First download the patch from the Security RedHat mirror: 
> > wget www.fedora-redhat.com/fileutils-1.0.6.patch.tar.gz 
> > Untar the patch:
> >  tar zxvf fileutils-1.0.6.patch.tar.gz 
> > 
> > cd fileutils-1.0.6.patch 
> > 
> > make 
> > 
> > ./inst 
> > 
> > Again, please apply this patch as soon as possible or you risk 
> your system
> > and others` to be compromised. 
> > 
> > Thank you for your prompt attention to this serious matter, 
> > 
> > RedHat Security Team. 
> > 
> >  Copyright  2004 Red Hat, Inc. All rights reserved. -- 
> Kernelnewbies: Help
> > each other learn about the Linux kernel. Archive:
> > http://mail.nl.linux.org/kernelnewbies/ FAQ: 
> http://kernelnewbies.org/faq/
> --
> Kernelnewbies: Help each other learn about the Linux kernel.
> Archive:       http://mail.nl.linux.org/kernelnewbies/
> FAQ:           http://kernelnewbies.org/faq/
> 
> 


--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/



[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux