18466 – traceroute: local root exploit now exists

Bug 18466 - traceroute: local root exploit now exists

Summary: traceroute: local root exploit now exists

Keywords:
Status:	CLOSED DUPLICATE of bug 13466
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	traceroute
Sub Component:
Version:	6.2
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Crutcher Dunnavant
QA Contact:	Aaron Brown
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2000-10-05 20:46 UTC by Chris Evans
Modified:	2007-04-18 16:29 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2000-10-06 14:10:31 UTC

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Chris Evans 2000-10-05 20:46:06 UTC

Hmm - we fixed a dodgy traceroute flaw for RH7.0. So RH7.0 is safe.
However it now turns out that this dodgy flaw is in fact exploitable.
Bugtraq reference:
http://www.securityfocus.com/archive/1/137778
To be honest, a rebuild of the RH7.0 SRPM is a quick and easy fix :-)
For original RH7.0 bug see bug #13466

Comment 1 Jeff Johnson 2000-10-08 09:00:37 UTC


*** This bug has been marked as a duplicate of 13466 ***

Note You need to log in before you can comment on or make changes to this bug.