5029924 2000-04-21 22:01 /141 rader/ Postmaster Mottagare: Red Hat Announce (import) <1469> Ärende: [RHSA-2000:016-02] imwheel buffer overflow ------------------------------------------------------------ MBOX-Line: From redhat-announce-list-request@redhat.com Fri Apr 21 15:45:38 2000 Resent-Date: 21 Apr 2000 19:45:36 -0000 Resent-Cc: recipient list not shown: ; MBOX-Line: From redhat-watch-list-request@redhat.com Fri Apr 21 15:45:22 2000 Message-Id: <200004211945.PAA08885@lacrosse.corp.redhat.com> Content-transfer-encoding: 8bit To: redhat-watch-list@redhat.com From: bugzilla@redhat.com Cc: bugtraq@securityfocus.com, linux-security@redhat.com Content-type: text/plain; charset="iso-8859-1" Mime-version: 1.0 Date: Fri, 21 Apr 2000 15:45 -0400 Resent-Message-ID: <"4n7Oz.0.IP2.H_A0v"@lists.redhat.com> Resent-From: redhat-watch-list@redhat.com Reply-To: redhat-watch-list@redhat.com X-Mailing-List: <redhat-watch-list@redhat.com> archive/latest/50 X-Loop: redhat-watch-list@redhat.com X-URL: http://www.redhat.com X-Loop: redhat-announce-list@redhat.com Precedence: list Resent-Sender: redhat-announce-list-request@redhat.com X-URL: http://www.redhat.com --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: imwheel buffer overflow Advisory ID: RHSA-2000:016-02 Issue date: 2000-04-20 Updated on: 2000-04-21 Product: Red Hat Powertools Keywords: imwheel buffer imwheel-solo Cross references: N/A --------------------------------------------------------------------- 1. Topic: A buffer overflow exists in imwheel 2. Relevant releases/architectures: Red Hat Powertools 6.1 - i386 alpha sparc Red Hat Powertools 6.2 - i386 alpha sparc 3. Problem description: A vulnerability exists in the imwheel package where local users can execute arbitrary commands as root. 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info): N/A 6. Obsoleted by: N/A 7. Conflicts with: N/A 8. RPMs required: Red Hat Powertools 6.1: intel: ftp://updates.redhat.com/powertools/6.1/i386/imwheel-0.9.8-1.i386.rpm alpha: ftp://updates.redhat.com/powertools/6.1/alpha/imwheel-0.9.8-1.alpha.rpm sparc: ftp://updates.redhat.com/powertools/6.1/sparc/imwheel-0.9.8-1.sparc.rpm sources: ftp://updates.redhat.com/powertools/6.1/SRPMS/imwheel-0.9.8-1.src.rpm Red Hat Powertools 6.2: intel: ftp://updates.redhat.com/powertools/6.2/i386/imwheel-0.9.8-1.i386.rpm alpha: ftp://updates.redhat.com/powertools/6.2/alpha/imwheel-0.9.8-1.alpha.rpm sparc: ftp://updates.redhat.com/powertools/6.2/sparc/imwheel-0.9.8-1.sparc.rpm sources: ftp://updates.redhat.com/powertools/6.2/SRPMS/imwheel-0.9.8-1.src.rpm 9. Verification: MD5 sum Package Name -------------------------------------------------------------------------- fa97ae01087560b01ef0c08266e097b5 6.1/sparc/imwheel-0.9.8-1.sparc.rpm 921c50608059cd74840d070e5f538202 6.1/SRPMS/imwheel-0.9.8-1.src.rpm 0350d5be826d54f80948f4a4e9de6101 6.1/i386/imwheel-0.9.8-1.i386.rpm f1cc900d060fec5546a229f0a7a4d48d 6.1/alpha/imwheel-0.9.8-1.alpha.rpm fa97ae01087560b01ef0c08266e097b5 6.2/sparc/imwheel-0.9.8-1.sparc.rpm 0350d5be826d54f80948f4a4e9de6101 6.2/i386/imwheel-0.9.8-1.i386.rpm f1cc900d060fec5546a229f0a7a4d48d 6.2/alpha/imwheel-0.9.8-1.alpha.rpm 921c50608059cd74840d070e5f538202 6.2/SRPMS/imwheel-0.9.8-1.src.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/corp/contact.html You can verify each package with the following command: rpm --checksig <filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg <filename> 10. References: http://www.securityfocus.com/vdb/bottom.html?vid=1060 -- To unsubscribe: mail redhat-watch-list-request@redhat.com with "unsubscribe" as the Subject. -- To unsubscribe: mail -s unsubscribe redhat-announce-list-request@redhat.com < /dev/null (5029924) ------------------------------------------(Ombruten)