> Sure. There is a bug in rpc.mountd (or, I suppose, in RPC library)
> which allows a remote machine to send a packet containing program
> which executes with root privileges on target machine. Same or at
> least similar bug is in imapd. Block remote access to their ports.
> Or upgrade these packages to newest available versions.
>
> BTW, does anyone know if any, and which versions are safe?
All the modern versions.
> seems it is also on RH 5.1. I do not know if it is still on RH 5.2
> (and I would like to know it, and avoid upgrading if unnecessary).
RH 5.2 has a errata for it, as have all the other distributions. See
http://www.redhat.com for the Red Hat errata rpms and info.
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
