 |
|
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
DetailsThe Red Hat 7.0 dump is being released for Red Hat 6.x and Red Hat 5.x Dump can be used to gain root access. SolutionFor each RPM for your particular architecture, run:
rpm -Fvh [filename] where filename is the name of the RPM. Updated packages
Bugs fixed (see bugzilla for more information)20111 - RH6.2 dump SUID exploit (via RSH env. var) References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0186
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0520 N/A Keywords
exploit
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from: https://www.redhat.com/security/team/key/#package The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/ |
||||||||||||||||||||||||||||||||||||||||||||||||||||
Setuid bits are removed on dump to prevent exploit