[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [linux-security] util-linux login vulnerability
On Tue, Oct 23, 2001 at 04:24:05PM -0700, Martin Siegert wrote:
> Topic
> =====
> The login program from the util-linux package can be used to gain other
> user's credentials.
>
> Solution
> ========
>
> RedHat 7.1
> ----------
> rpm -Fvh util-linux-2.11f-11.7.1.i386.rpm
>
> RedHat 7.2
> ----------
> rpm -Fvh util-linux-2.11f-12.i386.rpm
The RPMs mentioned above contain bugs that affect telnet and also do not
set the controlling terminal correctly. RedHat has released new RPMs that
fix these problems (this is not a security issue).
RedHat 7.1, 7.2
---------------
rpm -Fvh util-linux-2.11f-17.i386.rpm