Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 89036 - remote root in RH8
remote root in RH8
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: distribution (Show other bugs)
8.0
All Linux
high Severity medium
: ---
: ---
Assigned To: Mark J. Cox
Ed Bailey
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-04-16 15:39 EDT by Justin Mason
Modified: 2007-03-27 00:03 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-04-22 06:07:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Justin Mason 2003-04-16 15:39:18 EDT 
Folks -- I'm pretty sure I've found a remote-root hole in the default install of
Red Hat 8.0.  I'm on x86, but I think it would be present on all archs.

Before I provide the details though (and fix the component ;), is the public
bugzilla the correct forum for this?

Version-Release number of selected component (if applicable):
to be filled out...

How reproducible:
Always

Steps to Reproduce:
1. to be filled out...
Comment 1 Ed Bailey 2003-04-16 16:08:46 EDT 
Thanks for taking the time to contact us.

I'm changing the component to "distribution" to more properly reflect the nature
of what you're reporting.  I'll leave it to the component owner to determine how
best to proceed in this matter...
Comment 2 Mark J. Cox 2003-04-17 03:55:03 EDT 
We'd prefer that for non-public issues you contact our security response team at
security@redhat.com who'll be able to work with you on the issue.  

More contact details, GPG keys, and so on at
http://www.redhat.com/solutions/security/news/contact.html
Comment 3 Mark J. Cox 2003-04-22 06:07:00 EDT 
Issue is not a remote root but a DoS, and is fixed in Red Hat Linux 9 and above.
 Being dealt with by security@redhat.com, closing bug.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.