LinuxSecurity.com: Conectiva: 'traceroute' local root exploit -----Original Message----- From: Radu Blanovschi [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 03, 2000 10:22 AM To: Ovidiu Valeanu Subject: LinuxSecurity.com Conectiva 'traceroute' local root exploit.htm ---------------------------------------------------------------------------- ---- ---------------------------------------------------------------------------- ---- Caldera Corel Debian FreeBSD LinuxPPC Mandrake NetBSD OpenBSD Other Red Hat Slackware Stampede StormLinux SuSE TurboLinux Advisories: Caldera 9/30/2000 15:00 ----------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT ----------------------------------------------------------------------- PACKAGE : traceroute SUMMARY : Traceroute local root exploit DATE : 2000-09-30 15:55:00 RELEVANT RELEASES : 4.0, 4.0es, 4.1, 4.2, 5.0, prg gr�ficos, ecommerce, 5.1 ---------------------------------------------------------------------- DESCRIPTION Previous releases of traceroute contained some problems that could be exploited to gain local root access. SOLUTION All users should upgrade the traceroute package. Many people contributed to this new version: Pekka Savola (who first found the vulnerability), Chris Evans, Tim Robbins and others, and also the maintainers of traceroute. DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/traceroute-1.4a7-2cl.src.rpm ftp://atualizacoes.conectiva.com.br/4.0/i386/traceroute-1.4a7-2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/traceroute-1.4a7-2cl.src.rpm ftp://atualizacoes.conectiva.com.br/4.0es/i386/traceroute-1.4a7-2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/traceroute-1.4a7-2cl.src.rpm ftp://atualizacoes.conectiva.com.br/4.1/i386/traceroute-1.4a7-2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/traceroute-1.4a7-2cl.src.rpm ftp://atualizacoes.conectiva.com.br/4.2/i386/traceroute-1.4a7-2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/traceroute-1.4a7-2cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.0/i386/traceroute-1.4a7-2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/traceroute-1.4a7-2cl.src.rpm ftp://atualizacoes.conectiva.com.br/5.1/i386/traceroute-1.4a7-2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/traceroute-1 .4a7-2cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/traceroute-1. 4a7-2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/traceroute-1. 4a7-2cl.src.rpm ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/traceroute-1.4 a7-2cl.i386.rpm ---------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key can be obtained at http://www.conectiva.com.br/contato ---------------------------------------------------------------------- Contact Us | Legal Notice | About Our Site � Guardian Digital, Inc., 2000 --- Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to unsubscribe from this list.
