Date: 18 August 1999
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-1999.115 -- RHSA-1999:027-02
Bugs fixed in pump (DHCP client) [CORRECTION]
18 August 1999
===========================================================================
Red Hat Software, Inc. has released the following advisory concerning a
new version of pump, 0.7.0, addressing several problems, including a
potential security vulnerability which may allow remote users to gain root
access.
- --------------------------BEGIN INCLUDED TEXT--------------------
- ---------------------------------------------------------------------
Red Hat, Inc. Security Advisory
Synopsis: Bugs fixed in pump (DHCP client) [CORRECTION]
Advisory ID: RHSA-1999:027-02
Issue date: 1999-08-11
Updated on: 1999-08-14
Keywords: pump DHCP RoadRunner @Home
Cross references:
- ---------------------------------------------------------------------
1. Topic:
New version of pump, 0.7.0, fixes several problems, including a
potential security hole. We strongly recommend that all users
using DHCP upgrade to pump 0.7.0, particularly if you use DHCP
on a public network such as a cable modem or ADSL service.
This is a correction to our previous announcement, which did not
mention the security bug that is fixed in pump 0.7.0.
2. Bug IDs fixed:
3263
3. Relevant releases/architectures:
Red Hat Linux 6.0, all architectures.
4. Obsoleted by:
5. Conflicts with:
6. RPMs required:
Intel:
ftp://ftp.redhat.com/redhat/updates/6.0/i386/pump-0.7.0-1.i386.rpm
Alpha:
ftp://ftp.redhat.com/redhat/updates/6.0/alpha/pump-0.7.0-1.alpha.rpm
Sparc:
ftp://ftp.redhat.com/redhat/updates/6.0/sparc/pump-0.7.0-1.sparc.rpm
Source packages:
ftp://ftp.redhat.com/redhat/updates/6.0/SRPMS/pump-0.7.0-1.src.rpm
7. Problem description:
o DHCP did not work with some @Home and RoadRunner (and potentially
other) servers.
o Some (broken) servers did not return server address properly; in these
cases, pump now reuses the broadcast address.
o There was a security hole with the potential for a remote root
exploit in certain configurations where DHCP is used on public
networks
8. Solution:
For each RPM for your particular architecture, run:
rpm -Uvh <filename>
where filename is the name of the RPM.
9. Verification:
MD5 sum Package Name
- --------------------------------------------------------------------------
a93c710c0ce18e79b3dd33d268ae7752 i386/pump-0.7.0-1.i386.rpm
53df0de539645b34ad93272f3b4e6d97 alpha/pump-0.7.0-1.alpha.rpm
d56bac8b659b353894092869782d59cc sparc/pump-0.7.0-1.sparc.rpm
2f18a5c39cdd327e0406df1ab5308549 SRPMS/pump-0.7.0-1.src.rpm
These packages are PGP signed by Red Hat Inc. for security. Our key
is available at:
http://www.redhat.com/corp/contact.html
You can verify each package with the following command:
rpm --checksig <filename>
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nopgp <filename>
10. References:
- --------------------------END INCLUDED TEXT--------------------
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to use any or all of this information is
the responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.
NOTE: This is only the original release of the security bulletin. It will
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the original authors to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/Information/advisories.html
If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for emergencies.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key
iQCVAwUBN+dv5Sh9+71yA2DNAQEg7wP/UOmeq1iZtsNgSc/nlZj7Ze+I+U+q4XQb
ZmL/1le5ATTJ6bi961moVLWyGZzFBNEpFoMrOI03LFjtcAA/hZikpTzp6hcUUgMI
SWTmb91zKqaiUJ3gbB67ya0fDxnjDo4FJ2TGK4vGrnd+IxQFh/KYKeLgpt7hYEXO
bWXyyou0IxY=
=hMEX
-----END PGP SIGNATURE-----
|