[2869] in SIPB_Linux_Development

Returned mail: User unknown

daemon@ATHENA.MIT.EDU (Mail Delivery Subsystem)
Tue May 16 14:42:02 2000

Date: Tue, 16 May 00 14:41:29 EDT
From: MAILER-DAEMON@MIT.EDU (Mail Delivery Subsystem)
To: <linux-dev@MIT.EDU>

   ----- Transcript of session follows -----
>>> QUIT
<<< 421 Service temporarily unavailable. Please try again later
451 <brettvascon@yahoo.com>,<dratajcz@yahoo.com>... reply: read error
451 <brettvascon@yahoo.com>,<dratajcz@yahoo.com>... reply: read error
>>> RCPT To:<davidhong@WORLDNET.ATT.NET>
<<< 550 Invalid recipient: <davidhong@WORLDNET.ATT.NET>
550 <davidhong@WORLDNET.ATT.NET>... User unknown

   ----- Unsent message follows -----
Received: from GRAND-CENTRAL-STATION.MIT.EDU by MIT.EDU with SMTP
	id AA07099; Tue, 16 May 00 14:41:29 EDT
Received: from melbourne-city-street.MIT.EDU (MELBOURNE-CITY-STREET.MIT.EDU [18.69.0.45])
	by grand-central-station.MIT.EDU (8.9.2/8.9.2) with ESMTP id OAA16202
	for <linux-announce@mit.edu>; Tue, 16 May 2000 14:41:30 -0400 (EDT)
Received: from quiche-lorraine.mit.edu (QUICHE-LORRAINE.MIT.EDU [18.187.1.71])
	by melbourne-city-street.MIT.EDU (8.9.3/8.9.2) with ESMTP id OAA05776
	for <linux-announce@MIT.EDU>; Tue, 16 May 2000 14:41:30 -0400 (EDT)
Received: by quiche-lorraine.mit.edu (8.8.7/4.7) id OAA26474; Tue, 16 May 2000 14:41:30 -0400
Sender: amu@QUICHE-LORRAINE.MIT.EDU
To: linux-announce@MIT.EDU
Subject: IMPORTANT Kerberos patch
From: amu@MIT.EDU (Aaron M. Ucko)
Date: 16 May 2000 14:41:30 -0400
Message-Id: <udlr9b2jq1x.fsf@quiche-lorraine.mit.edu>
Lines: 32
User-Agent: Gnus/5.0803 (Gnus v5.8.3) Emacs/20.4.92
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii

It has recently been discovered that there are buffer overrun
vulnerabilities in the MIT Kerberos implementation used in the Athena
environment.  This vulnerability has not been widely known until right
about now.  The impact of the vulnerability is a remote root exploit
of any Athena workstation running any Kerberized daemon.  Kerberized
login programs are also vulnerable, although the exploit is much
more difficult.

If you are the administrator of a machine running Red Hat 5.2 with
SIPB's Athena packages, you should install the fix as soon as possible
by logging in to the machine as root and running the command

        attach linux; /mit/linux/update.pl

As a bonus, the update script will also install all of the updates Red
Hat has issued for 5.2.

If your machine has a partial Athena install that lacks attach, or if
you would prefer to update it by hand, you can find the fixed packages
in /afs/sipb.mit.edu/project/linux/packages/5.2/RPMS/i386, or in the
directory /redhat/5.2/i386/RedHat/RPMS on the NFS server
sipb-nfs.mit.edu.

NOTE 1: You can safely ignore any errors the script gives about being
unable to upgrade the (srvd-)athena-emacs-elisp package.

NOTE 2: Due to a longstanding packaging bug, you may lose legitimate
changes to rarely-modified Athena files we forgot to classify as
configuration files.  It would be wise to make backup copies accordingly.

-- 
Aaron M. Ucko, KB1CJC <amu@mit.edu> (finger amu@monk.mit.edu)
