
Redhat 6.2 to 7.0 ping vulnerability - update
Vulnerability

    ping

Affected

    RedHat 6.2...7.0(J)

Description

    The following is based on Advisory RHSA-2000:087-02 by RedHat.
    Several problems in ping are fixed:

        1) Root privileges are dropped after acquiring a raw socket.
        2) An 8 byte overflow of a static buffer "outpack" is prevented.
        3) An overflow of a static buffer "buf" is prevented.

    A non-exploitable, root-only segfault is fixed as well.
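
    The pattern behind fixes 1 and 2, as an added example (not code from iputils or from the advisory): acquire the raw socket, drop root permanently, and only then accept a payload length that fits the static buffer. The value of MAXPACKET, the helper names, and the reading of the 8 bytes as the ICMP header length are assumptions.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define ICMP_HDR_LEN 8   /* ICMP echo header size */
#define MAXPACKET 4096   /* assumed size for this sketch */
static unsigned char outpack[MAXPACKET]; /* buffer name from the advisory */

/* Permanently give up set-uid root. Returns 0 on success, -1 on failure. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    if (setgid(getgid()) != 0 || setuid(ruid) != 0)
        return -1;
    /* Verify: an unprivileged caller must not be able to get root back. */
    if (ruid != 0 && (setuid(0) == 0 || geteuid() != ruid))
        return -1;
    return 0;
}

/* Accept a payload length only if header + payload fits in outpack. */
int payload_len_ok(long datalen)
{
    return datalen >= 0 && datalen <= (long)sizeof(outpack) - ICMP_HDR_LEN;
}

int main(int argc, char **argv)
{
    int sock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); /* 1. privileged step */
    int sock_errno = errno;
    if (drop_privileges() != 0)          /* 2. drop before parsing any input */
        return 2;
    if (sock < 0) {
        fprintf(stderr, "raw socket: %s\n", strerror(sock_errno));
        return 2;
    }
    long datalen = argc > 1 ? strtol(argv[1], NULL, 10) : 56; /* 3. bounded size */
    if (!payload_len_ok(datalen)) {
        fprintf(stderr, "payload too large\n");
        return 2;
    }
    memset(outpack + ICMP_HDR_LEN, 0xA5, (size_t)datalen); /* pattern fits buffer */
    close(sock);
    return 0;
}
```

    The socket result is checked only after the drop, so the process leaves root on every path, including the failure path.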

Solution

    RPMs required:

        ftp://updates.redhat.com/6.2/alpha/iputils-20001010-1.6x.alpha.rpm
        ftp://updates.redhat.com/6.2/sparc/iputils-20001010-1.6x.sparc.rpm
        ftp://updates.redhat.com/6.2/i386/iputils-20001010-1.6x.i386.rpm
        ftp://updates.redhat.com/6.2/SRPMS/iputils-20001010-1.6x.src.rpm
        ftp://updates.redhat.com/7.0/i386/iputils-20001010-1.i386.rpm
        ftp://updates.redhat.com/7.0/SRPMS/iputils-20001010-1.src.rpm

    Update for Immunix OS 6.2 (StackGuarded versions of the RedHat
    packages) can be found at:

        http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/iputils-20001010-1.6x_StackGuard.i386.rpm
        http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/iputils-20001010-1.6x_StackGuard.src.rpm
