Subject: Re: traceroute vulnerability?
From: Charles Stevenson (csteven@terraplex.com)
Date: Mon Oct 23 2000 - 17:29:57 MDT
You can `rpm --rebuild` the Red Hat 7 source rpm if you are concerned. Although
the likelyhood of a person having local access to your machine and enough
power pc assembly and buffer overflow knowledge to exploit it is probably zero
to none. It will be updated with YDL 2.0.
We do keep a good eye on securityfocus.com's bugtraq :)
Regards,
Chales
On this day, Mon, 23 Oct 2000, Nathaniel Irons wrote:
> LWN has been talking about a possible local root exploit for
> traceroute since early October.
>
> <http://lwn.net/2000/1019/security.php3#traceroute>
> <http://listserv.securityportal.com/SCRIPTS/WA-SECURITYPORTAL.EXE?A2=ind0009&L=LINUX-SECURITY&P=R5573>
>
> YDL's traceroute (1.4b5) appears to be vulnerable. Any word on an
> update?
>
> -nat
-- Terra Soft Solutions, Inc. http://www.terrasoftsolutions.comYellow Dog Linux http://www.yellowdoglinux.com
Black Lab Linux http://www.blacklablinux.com
This archive was generated by hypermail 2a24 : Mon Oct 23 2000 - 17:45:28 MDT