Slackware alert: Local /tmp vulnerability fixed in ppp-off

Posted by dave on Oct 24, 2000 6:48 PM EDT
Mailing list
Mail this story
Print this story

A local /tmp bug in the /usr/sbin/ppp-off program was found. This bug could allow a local user to corrupt system files. A fix has been made and an updated package is now available in the -current branch.

A local /tmp bug in the /usr/sbin/ppp-off program was found.  This bug
could allow a local user to corrupt system files.  A fix has been made and
an updated package is now available in the -current branch.

The package described below will work for users of Slackware 7.0, 7.1, and -current.

================================== ppp package updated - (n1/ppp.tgz) ==================================

A local /tmp bug in the /usr/sbin/ppp-off program has been found and fixed. The new ppp.tgz package is available from:

ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/n1/ppp.tgz

For verification purposes, we provide the following checksums:

16-bit "sum" checksum: 60573 191 n1/ppp.tgz

128-bit MD5 message digest: c879dd34413a5d9cf367640206492852 n1/ppp.tgz

INSTALLATION INSTRUCTIONS FOR THE ppp.tgz PACKAGE: -------------------------------------------------- Disable any running pppd processes:

# killall pppd

Then issue this command:

# upgradepkg ppp.tgz

Remember, it's also a good idea to backup configuration files before upgrading packages.

- Slackware Linux Security Team http://www.slackware.com

+------------------------------------------------------------------------+ | HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back. Follow the instructions to | | complete the unsubscription. Do not reply to this message to | | unsubscribe! | +------------------------------------------------------------------------+

  Nav
» Read more about: Story Type: Security; Groups: Slackware

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.