Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Red Hat Powertools 6.0 RHSA-2001:004-04 Critical String Format Threat

red hat
Calendar Grey January 24, 2001
Dist Redhat Esm H88
The vulnerability in Icecast's string handling presents a potential risk for remote code execution. It is crucial to perform an upgrade at once to mitigate this serious security issue.
There is a format string vulnerability in icecast that can allow a remote user to execute arbitrary code.

Solution

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed ( for more info):



6. RPMs required:

Red Hat Powertools 6.0:

SRPMS:


alpha:


i386:


sparc:


Red Hat Powertools 6.1:

SRPMS:


alpha:


i386:


sparc:


Red Hat Powertools 6.2:

SRPMS:


alpha:


i386:


sparc:


Red Hat Powertools 7.0:

SRPMS:


alpha:


i386:




7. Verification:

MD5 sum Package Name 6e10a41120782afa633229384a3de9f5 6.0/SRPMS/icecast-1.3.8.beta2-2.src.rpm feba1b51874808c6d59eae717adc116d 6.0/alpha/icecast-1.3.8.beta2-2.alpha.rpm 17f5ed6b597b38456faff7e8bd1eb828 6.0/i386/icecast-1.3.8.beta2-2.i386.rpm e8c06fc3348e60a3053e7fad06dedeec 6.0/sparc/icecast-1.3.8.beta2-2.sparc.rpm 6e10a41120782afa633229384a3de9f5 6.1/SRPMS/icecast-1.3.8.beta2-2.src.rpm feba1b51874808c6d59eae717adc116d 6.1/alpha/icecast-1.3.8.beta2-2.alpha.rpm 17f5ed6b597b38456faff7e8bd1eb828 6.1/i386/icecast-1.3.8.beta2-2.i386.rpm e8c06fc3348e60a3053e7fad06dedeec 6.1/sparc/icecast-1.3.8.beta2-2.sparc.rpm 6e10a41120782afa633229384a3de9f5 6.2/SRPMS/icecast-1.3.8.beta2-2.src.rpm feba1b51874808c6d59eae717adc116d 6.2/alpha/icecast-1.3.8.beta2-2.alpha.rpm 17f5ed6b597b38456faff7e8bd1eb828 6.2/i386/icecast-1.3.8.beta2-2.i386.rpm e8c06fc3348e60a3053e7fad06dedeec 6.2/sparc/icecast-1.3.8.beta2-2.sparc.rpm 417343d579a7067720300adc8c99b38d 7.0/SRPMS/icecast-1.3.8.beta2-3.src.rpm b728ad07c46c37221e98d5ee905efb2d 7.0/alpha/icecast-1.3.8.beta2-3.alpha.rpm 9fc78917546ab1bc41fb9951d47bf749 7.0/i386/icecast-1.3.8.beta2-3.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:


You can verify each package with the following command: rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

Summary

References

Thanks to |CyRaX| <cyrax@pkcrew.org> for finding the problem and posting it to Bugtraq. For more information please see Copyright(c) 2000, 2001 Red Hat, Inc. `

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2001:004-04
Issue date: 2001-01-23
Updated on: 2001-01-24
Product: Red Hat Powertools
Keywords:
Cross references:
Obsoletes:

Topic

Relevant Releases Architectures

Red Hat Powertools 6.0 - alpha, i386, sparc

Red Hat Powertools 6.1 - alpha, i386, sparc

Red Hat Powertools 6.2 - alpha, i386, sparc

Red Hat Powertools 7.0 - alpha, i386

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here