Re: Ramen worm

Thu, 18 Jan 2001 19:43:14 -0800 


the problem with simply updating to the latest rpms is the switch from
inetd to xinetd and other misc config problems that the rpms will bring
out.  granted i can upgrade a handful of packages, and maybe that's the
safest choice, but i'd still be interested in knowing if
wu-ftpd-2.6.0-2.5.x is vulnerable to the attack or not / if that patch is
the one that fixes 2.6.0.

-tcl.


On Thu, 18 Jan 2001, Michael H. Warfield wrote:

> On Thu, Jan 18, 2001 at 07:56:13PM -0500, tc lewis wrote:
> 
> > does anyone know specifically what patch to 2.6.0 takes care of this
> > problem?  i see a "wu-ftpd-2.6.0-security.patch" in the source rpms.  is
> > that the one, or is it something else?
> 
> > the reason i'm asking is because one of my machines runs redhat 5.2 yet.
> > i have wu-ftpd-2.6.0-2.5.x (from 5.2 updates) on there right now, which
> > appears to include the same "wu-ftpd-2.6.0-security.patch" file as
> > wu-ftpd-2.6.0-14.6x (from 6.2 updates) does, but not some of the others.
> 
>       1) Update to the latest...  Don't quible about this or that.
> 
>       2) The worm is very anal about what it triggers on.  It triggers
> on the date in the ftp banner.  If you are anything OTHER than the release
> that is in 6.2 OOB or 7.0 First Edition OOB you are safe, not because you
> can not be exploited but because this worm doesn't know what to do with
> the date in that ftp banner.  Small comfort.  Next cut may include your
> date.
> 
>       LESSON:  Doesn't MATTER!  Get the latest or shut it down!
> 
> > -tcl.
> 
>       Mike
> -- 
>  Michael H. Warfield    |  (770) 985-6132   |  [EMAIL PROTECTED]
>   (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
>   NIC whois:  MHW9      |  An optimist believes we live in the best of all
>  PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
> 
> 
> 
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to