On Thu, Jan 18, 2001 at 04:18:45PM +0100, Leonard den Ottolander wrote:
> Hi Mike,
> > > Well, my RedHat 7.0 came with wu-ftpd-2.6.1-6 (this is not the respin). I
> > > guess for 7.0 only the rpc.statd is an issue.
> >
> > I thought I also saw something about LPRng and I thought that
> > was one of the ones fixed between first edition and respin.
> There is an update available for LPRng for 7.0. But I double checked: There
> is no update available for nfs-utils.
> So I am still wondering why this worm would affect RedHat 7.0. It targets wu-
> ftpd and nfs-utils, but both seem to be up to date in the (first edition) of
> RedHat 7.0 that I downloaded.
The worm very definitely contains an unstripped binary of the
exploit against the version of LPRng that was in the original first
edition 7.0. I doubt it was there just to add bulk to the transfer.
I think that it's safe to say that this thing CAN propagate through
the LPRng exploit. Add that to the list of attack targets.
> Bye,
> Leonard.
Mike
--
Michael H. Warfield | (770) 985-6132 | [EMAIL PROTECTED]
(The Mad Wizard) | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list