RedHat Linux ping Buffer Overflow Vulnerability

RedHat Linux ping Buffer Overflow Vulnerability

Solution:
RedHat has released fixed packages.

Trustix recently released several updated packages:

iputils: Fixes serveral problems in ping including a buffer overflow.
gnupg: Fixed a serious bug which could lead to false signature verification results when more than one signature is fed to gpg.

ypbind: Local root exploit. Linux ypbind

Users of TSL 1.0x and 1.1 that worry about local security should definitely upgrade.

MD5sums:
9e2bbf3ddd728da4cbab3ece1ba390b7 gnupg-1.0.4-2tr.i586.rpm
43d503eb306f202c794ca064980574ad iputils-20001011-1tr.i586.rpm
8625657f6edea52b88e0cff1dfff4bb4 ypbind-3.3-29tr.i586.rpm

Get them at:
ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/ or
http://www.trustix.net/download/Trustix/updates/1.1/RPMS/

Wirex has also released an upgrade to fix this problem for Immunix OS 6.2.

RedHat iputils-20000418-6.i386.rpm

Red Hat Inc. 7.0 i386 iputils-20001010-1.i386.rpm
ftp://updates.redhat.com/7.0/i386/iputils-20001010-1.i386.rpm

RedHat iputils-20000121-2.i386.rpm

Red Hat Inc. 6.2 i386 iputils-20001010-1.6x.i386.rpm
ftp://updates.redhat.com/6.2/i386/iputils-20001010-1.6x.i386.rpm

RedHat Linux 6.2 sparc

Red Hat Inc. 6.2 sparc iputils-20001010-1.6x.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/iputils-20001010-1.6x.sparc.rpm

RedHat Linux 6.2 i386

Red Hat Inc. 6.2 i386 iputils-20001010-1.6x.i386.rpm
ftp://updates.redhat.com/6.2/i386/iputils-20001010-1.6x.i386.rpm

RedHat Linux 6.2 alpha

Red Hat Inc. 6.2 alpha iputils-20001010-1.6x.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/iputils-20001010-1.6x.alpha.rpm

RedHat Linux 7.0

Red Hat Inc. 7.0 i386 iputils-20001010-1.i386.rpm
ftp://updates.redhat.com/7.0/i386/iputils-20001010-1.i386.rpm