|
Tmpwatch Recursive Write DoS Vulnerability
Solution: # chmod 400 /etc/cron.daily/tmpwatch # chmod 400 /usr/sbin/tmpwatch # slocate also segfaults on that directory. $ ./a to delete all the ./A/A/A/A/..... directories you own. Red Hat: Red Hat Linux 6.2: alpha: ftp://updates.redhat.com/6.2/alpha/tmpwatch-2.6.2-1.6.2.alpha.rpm sparc: ftp://updates.redhat.com/6.2/sparc/tmpwatch-2.6.2-1.6.2.sparc.rpm i386: ftp://updates.redhat.com/6.2/i386/tmpwatch-2.6.2-1.6.2.i386.rpm sources: ftp://updates.redhat.com/6.2/SRPMS/tmpwatch-2.6.2-1.6.2.src.rpm Red Hat Linux 7.0: i386: ftp://updates.redhat.com/7.0/i386/tmpwatch-2.6.2-1.7.i386.rpm sources: ftp://updates.redhat.com/7.0/SRPMS/tmpwatch-2.6.2-1.7.src.rpm Trustix Secure Linux: All users of TSL should upgrade to the new rpm: tmpwatch-2.6.2-1tr.i586.rpm (MD5sum: 3200b3812bfe6e87f326e240fed0686a) http://www.trustix.net/download/Trustix/updates/1.1/RPMS/ or ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/ Mandrake: Linux-Mandrake 6.0: d6e7442f4c3a9af30e9158e7ae9ecf72 6.0/RPMS/tmpwatch-2.6.2-1mdk.i586.rpm 93541933fc92134a4954db3decbe2b31 6.0/SRPMS/tmpwatch-2.6.2-1mdk.src.rpm Linux-Mandrake 6.1: 04b86f78b1bf908219c5ddc94767c7a8 6.1/RPMS/tmpwatch-2.6.2-1mdk.i586.rpm 93541933fc92134a4954db3decbe2b31 6.1/SRPMS/tmpwatch-2.6.2-1mdk.src.rpm Linux-Mandrake 7.0: 07267b2907b9e9454a967c4323b17f17 7.0/RPMS/tmpwatch-2.6.2-1mdk.i586.rpm 93541933fc92134a4954db3decbe2b31 7.0/SRPMS/tmpwatch-2.6.2-1mdk.src.rpm Linux-Mandrake 7.1: 04e2717f14f0b4f8f991ea9cc0926b2e 7.1/RPMS/tmpwatch-2.6.2-1mdk.i586.rpm 93541933fc92134a4954db3decbe2b31 7.1/SRPMS/tmpwatch-2.6.2-1mdk.src.rpm Immunix: Packages for this update for Immunix OS 6.2 (StackGuarded versions of the RedHat packages.) can be found at: http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/tmpwatch-2.6.2-1.6.2_StackGuard.i386.rpm or http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/tmpwatch-2.6.2-1.6.2_StackGuard.src.rpm |
|
|
Privacy Statement |
