[16969] in bugtraq
Conectiva Linux Security Announcement - traceroute
daemon@ATHENA.MIT.EDU (secure@CONECTIVA.COM.BR)
Sat Sep 30 16:17:55 2000
Message-Id: <200009301856.PAA30901@distro.conectiva.com.br>
Date: Sat, 30 Sep 2000 15:56:05 -0300
Reply-To: secure@CONECTIVA.COM.BR
From: secure@CONECTIVA.COM.BR
X-To: lwn@lwn.net, security-alert@linuxsecurity.com,
linuxlist@securityportal.com
To: BUGTRAQ@SECURITYFOCUS.COM
-----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
-----------------------------------------------------------------------
PACKAGE : traceroute
SUMMARY : Traceroute local root exploit
DATE : 2000-09-30 15:55:00
RELEVANT
RELEASES : 4.0, 4.0es, 4.1, 4.2, 5.0, prg graficos, ecommerce, 5.1
----------------------------------------------------------------------
DESCRIPTION
Previous releases of traceroute contained some problems that could be
exploited to gain local root access.
SOLUTION
All users should upgrade the traceroute package.
Many people contributed to this new version: Pekka Savola (who first
found the vulnerability), Chris Evans, Tim Robbins and others, and
also the maintainers of traceroute.
DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/traceroute-1.4a7-2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/traceroute-1.4a7-2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/traceroute-1.4a7-2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/traceroute-1.4a7-2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/traceroute-1.4a7-2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/traceroute-1.4a7-2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/traceroute-1.4a7-2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/traceroute-1.4a7-2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/traceroute-1.4a7-2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/traceroute-1.4a7-2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/traceroute-1.4a7-2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/traceroute-1.4a7-2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/traceroute-1.4a7-2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/traceroute-1.4a7-2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/traceroute-1.4a7-2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/traceroute-1.4a7-2cl.i386.rpm
----------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key can be
obtained at http://www.conectiva.com.br/contato
----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribe@bazar.conectiva.com.br
unsubscribe: atualizacoes-anuncio-unsubscribe@bazar.conectiva.com.br
