[2869] in SIPB_Linux_Development
Returned mail: User unknown
daemon@ATHENA.MIT.EDU (Mail Delivery Subsystem)
Tue May 16 14:42:02 2000
Date: Tue, 16 May 00 14:41:29 EDT
From: MAILER-DAEMON@MIT.EDU (Mail Delivery Subsystem)
To: <linux-dev@MIT.EDU>
----- Transcript of session follows -----
>>> QUIT
<<< 421 Service temporarily unavailable. Please try again later
451 <brettvascon@yahoo.com>,<dratajcz@yahoo.com>... reply: read error
451 <brettvascon@yahoo.com>,<dratajcz@yahoo.com>... reply: read error
>>> RCPT To:<davidhong@WORLDNET.ATT.NET>
<<< 550 Invalid recipient: <davidhong@WORLDNET.ATT.NET>
550 <davidhong@WORLDNET.ATT.NET>... User unknown
----- Unsent message follows -----
Received: from GRAND-CENTRAL-STATION.MIT.EDU by MIT.EDU with SMTP
id AA07099; Tue, 16 May 00 14:41:29 EDT
Received: from melbourne-city-street.MIT.EDU (MELBOURNE-CITY-STREET.MIT.EDU [18.69.0.45])
by grand-central-station.MIT.EDU (8.9.2/8.9.2) with ESMTP id OAA16202
for <linux-announce@mit.edu>; Tue, 16 May 2000 14:41:30 -0400 (EDT)
Received: from quiche-lorraine.mit.edu (QUICHE-LORRAINE.MIT.EDU [18.187.1.71])
by melbourne-city-street.MIT.EDU (8.9.3/8.9.2) with ESMTP id OAA05776
for <linux-announce@MIT.EDU>; Tue, 16 May 2000 14:41:30 -0400 (EDT)
Received: by quiche-lorraine.mit.edu (8.8.7/4.7) id OAA26474; Tue, 16 May 2000 14:41:30 -0400
Sender: amu@QUICHE-LORRAINE.MIT.EDU
To: linux-announce@MIT.EDU
Subject: IMPORTANT Kerberos patch
From: amu@MIT.EDU (Aaron M. Ucko)
Date: 16 May 2000 14:41:30 -0400
Message-Id: <udlr9b2jq1x.fsf@quiche-lorraine.mit.edu>
Lines: 32
User-Agent: Gnus/5.0803 (Gnus v5.8.3) Emacs/20.4.92
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii

It has recently been discovered that there are buffer overrun
vulnerabilities in the MIT Kerberos implementation used in the Athena
environment. This vulnerability has not been widely known until right
about now. The impact of the vulnerability is a remote root exploit
of any Athena workstation running any Kerberized daemon. Kerberized
login programs are also vulnerable, although the exploit is much
more difficult.

If you are the administrator of a machine running Red Hat 5.2 with
SIPB's Athena packages, you should install the fix as soon as possible
by logging in to the machine as root and running the command

    attach linux; /mit/linux/update.pl

As a bonus, the update script will also install all of the updates Red
Hat has issued for 5.2.

If your machine has a partial Athena install that lacks attach, or if
you would prefer to update it by hand, you can find the fixed packages
in /afs/sipb.mit.edu/project/linux/packages/5.2/RPMS/i386, or in the
directory /redhat/5.2/i386/RedHat/RPMS on the NFS server
sipb-nfs.mit.edu.

NOTE 1: You can safely ignore any errors the script gives about being
unable to upgrade the (srvd-)athena-emacs-elisp package.

NOTE 2: Due to a longstanding packaging bug, you may lose legitimate
changes to rarely-modified Athena files we forgot to classify as
configuration files. It would be wise to make backup copies accordingly.

--
Aaron M. Ucko, KB1CJC <amu@mit.edu> (finger amu@monk.mit.edu)