- Issued:
- 2009-04-15
- Updated:
- 2009-09-02
RHBA-2009:0423 - Bug Fix Advisory
Synopsis
rsh bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated rsh packages that resolve several issues are now available.
Description
The rsh-server package contains programs which allow users to run commands
on remote machines, log in to other machines, copy files between machines
(rsh, rlogin and rcp), and provides an alternate method of executing remote
commands (rexec). All of these programs are run by xinetd and can be
configured through the Pluggable Authentication Modules (PAM) system, and
through configuration files in the /etc/xinetd.d/ directory.
These updated rsh packages provide fixes for the following bugs:
- rsh did not set any of the environment variables listed in the
/etc/security/pam_env.conf configuration file, and thus rsh users did not
have access to that environment. With this update, rsh correctly reads and
sets the environment variables listed in /etc/security/pam_env.conf, thus
resolving the issue.
- the rexec(1) man page stated that the maximum length of the username on
the remote system was restricted to 16 characters. Internally, however,
rexec limited the maximum username length to 14 characters. rexec's maximum
username length has been increased to 16 characters, which corresponds to
the value given in the manual page, and which resolves the issue.
- when copying data to a full NFS directory, rcp failed silently and did
not report an error, which led to silent data loss. With this update, rcp
does report an error under this condition.
All users of rsh are advised to upgrade to these updated packages, which
resolve these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 434938 - [PATCH] rshd access pam_env
- BZ - 436748 - rexec username limit is 16 characters, not 14
- BZ - 461903 - rcp does not return ENOSPC error on full NFS-File system
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
rsh-0.17-40.el5.src.rpm | SHA-256: 45bef5598da8b371317291dad5f3b38a0e4d5215283dec8de03f844da9704875 |
x86_64 | |
rsh-0.17-40.el5.x86_64.rpm | SHA-256: 4cd996ced01e5c5a6dec7145f162353a670b53d0e769d1a2c151ef58798e7f3b |
rsh-server-0.17-40.el5.x86_64.rpm | SHA-256: b32b7e4026a05ce5db9c6f05592916746f913a2eec64646189fbe073d71c6e20 |
ia64 | |
rsh-0.17-40.el5.ia64.rpm | SHA-256: e47d4e80a72fd861858ba540f690afc6a6a1454e332c794c29f34c232179ee88 |
rsh-server-0.17-40.el5.ia64.rpm | SHA-256: 2182c3cd542ade2313e87e0e790eec91fbb30e71003a60f31750890ea9bf5dc7 |
i386 | |
rsh-0.17-40.el5.i386.rpm | SHA-256: 9a7211c002d63a2a775c304b720e6f1dcfb24602aaa536a5d9f46fb01c274cf4 |
rsh-server-0.17-40.el5.i386.rpm | SHA-256: 1a3c85e510823e23dd9216992335e186dac4e6dacced136ca4e6f928488ad135 |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
rsh-0.17-40.el5.src.rpm | SHA-256: 45bef5598da8b371317291dad5f3b38a0e4d5215283dec8de03f844da9704875 |
x86_64 | |
rsh-0.17-40.el5.x86_64.rpm | SHA-256: 4cd996ced01e5c5a6dec7145f162353a670b53d0e769d1a2c151ef58798e7f3b |
rsh-server-0.17-40.el5.x86_64.rpm | SHA-256: b32b7e4026a05ce5db9c6f05592916746f913a2eec64646189fbe073d71c6e20 |
i386 | |
rsh-0.17-40.el5.i386.rpm | SHA-256: 9a7211c002d63a2a775c304b720e6f1dcfb24602aaa536a5d9f46fb01c274cf4 |
rsh-server-0.17-40.el5.i386.rpm | SHA-256: 1a3c85e510823e23dd9216992335e186dac4e6dacced136ca4e6f928488ad135 |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
rsh-0.17-40.el5.src.rpm | SHA-256: 45bef5598da8b371317291dad5f3b38a0e4d5215283dec8de03f844da9704875 |
x86_64 | |
rsh-0.17-40.el5.x86_64.rpm | SHA-256: 4cd996ced01e5c5a6dec7145f162353a670b53d0e769d1a2c151ef58798e7f3b |
rsh-server-0.17-40.el5.x86_64.rpm | SHA-256: b32b7e4026a05ce5db9c6f05592916746f913a2eec64646189fbe073d71c6e20 |
i386 | |
rsh-0.17-40.el5.i386.rpm | SHA-256: 9a7211c002d63a2a775c304b720e6f1dcfb24602aaa536a5d9f46fb01c274cf4 |
rsh-server-0.17-40.el5.i386.rpm | SHA-256: 1a3c85e510823e23dd9216992335e186dac4e6dacced136ca4e6f928488ad135 |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
rsh-0.17-40.el5.src.rpm | SHA-256: 45bef5598da8b371317291dad5f3b38a0e4d5215283dec8de03f844da9704875 |
s390x | |
rsh-0.17-40.el5.s390x.rpm | SHA-256: 5d0ba6ad1d41f15949849e76db47d89aa7f198582cd854628544d44e76788e4f |
rsh-server-0.17-40.el5.s390x.rpm | SHA-256: ea0a9ed95cf0ba44bb82fbe45aedda47866ba6485cbda3f31878a289b74ad7f7 |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
rsh-0.17-40.el5.src.rpm | SHA-256: 45bef5598da8b371317291dad5f3b38a0e4d5215283dec8de03f844da9704875 |
ppc | |
rsh-0.17-40.el5.ppc.rpm | SHA-256: 7b51fad8272689b239026f484ba029c8597f2922ab96a9a871d95c59be10f261 |
rsh-server-0.17-40.el5.ppc.rpm | SHA-256: d792d79fa546658926f8faa40669215c8416b7351d1acb2d78b5983c89fba425 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
rsh-0.17-40.el5.src.rpm | SHA-256: 45bef5598da8b371317291dad5f3b38a0e4d5215283dec8de03f844da9704875 |
x86_64 | |
rsh-0.17-40.el5.x86_64.rpm | SHA-256: 4cd996ced01e5c5a6dec7145f162353a670b53d0e769d1a2c151ef58798e7f3b |
rsh-server-0.17-40.el5.x86_64.rpm | SHA-256: b32b7e4026a05ce5db9c6f05592916746f913a2eec64646189fbe073d71c6e20 |
i386 | |
rsh-0.17-40.el5.i386.rpm | SHA-256: 9a7211c002d63a2a775c304b720e6f1dcfb24602aaa536a5d9f46fb01c274cf4 |
rsh-server-0.17-40.el5.i386.rpm | SHA-256: 1a3c85e510823e23dd9216992335e186dac4e6dacced136ca4e6f928488ad135 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.