[17285] in bugtraq
Re: [RHSA-2000:087-02] Potential security problems in ping fixed.
daemon@ATHENA.MIT.EDU (Vanja Hrustic)
Fri Oct 20 19:50:09 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.10010210003230.2791-100000@emx.siamrelay.com>
Date: Sat, 21 Oct 2000 00:11:44 +0700
Reply-To: vanja@RELAYGROUP.COM
From: Vanja Hrustic <vanja@RELAYGROUP.COM>
X-To: "van der Kooij, Hugo" <Hugo.van.der.Kooij@CAIW.NL>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.10.10010201408220.2643-100000@bastion.hugo.vanderkooij.org>
On Fri, 20 Oct 2000, van der Kooij, Hugo wrote:
> > [snip]
> >
> > Does this apply to 6.0 as well?
>
> As a rule of thumb:
> Any fix for 6.x is for all version of 6.x So if one is announced for 6.2
> you should considere 6.0 and 6.1 as suspect as well.
>
> Hugo.
[root@prod bin]# rpm -qf /bin/ping
netkit-base-0.10-37
[root@prod bin]# cat /etc/redhat-release
Red Hat Linux release 6.1 (Cartman)
[root@prod bin]#
[root@test bin]# rpm -qf /bin/ping
iputils-20001010-1.6x
[root@test bin]# cat /etc/redhat-release
Red Hat Linux release 6.2 (Zoot)
[root@test bin]#
Ping is not the part of the same package in these 2 releases. --force
might work, but I'll wait for someone else to try first :)
btw, on RH 6.1:
[root@prod bin]# ping -c 1 -s 65690 localhost
WARNING: packet size 65690 is too large. Maximum is 65507
Segmentation fault (core dumped)
[root@prod bin]#
Vanja
