[ale] What's this guy doing?
Michael Hirsch
hirsch at mathcs.emory.edu
Mon Apr 12 14:39:37 EDT 1999
Jim Popovitch writes:
> Michael, Is this what you are talking about? If so, where can I find more
> specifics on this bug?
Oops. You are right--this bug was not in RH 5.2, but it was in 5.1.
My bad.
It must be popular not to fix this bug. I still get people probing
my machine with this even though the fix has been out since August.
I tried looking this up at www.rootshell.com, but they don't seem to
be up right now.
--Michael
> -----------------------------------
> Cert has released an update on security vulnerabilities in Unix NFS server
> (rpc.mountd) security hole that affected various distributions. The update
> states that all versions of Red Hat Linux are vulnerable, which was correct
> at the time the original alert was released. The 5.2 release had this
> corrected before the release and thus is NOT vulnerable.
>
> Users do NOT need to download or upgrade any package at this time.
>
> From:
> http://www.redhat.com/support/docs/rhl/rh52-errata-general.html
>
>
>
> -----Original Message-----
> From: Michael Hirsch <hirsch at mathcs.emory.edu>
> >
> >This is a known flaw in the nfs server. It has been fixed, but you
> >may need to upgrade. You can check the redhat errata page for more
> >info. (If you use RH, it was fixed after 5.2 came out so you do need
> >to get the new one.)
> >
> >--Michael
> >
>
More information about the Ale
mailing list