Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Red Hat Linux 6.2 RHSA-2000:014-16 Critical: Piranha Web GUI Remote Exploit

red hat
Calendar Grey April 24, 2000
Dist Redhat Esm H88
The vulnerability notice RHSA-2021:045-10 details flaws within the Apache HTTP Server for CentOS, encouraging users to adhere to recommended upgrade procedures for resolution.
The GUI portion of Piranha may allow any remote attacker to execute commands on the server.

Solution

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

When you install the update for the piranha-gui, please take a moment to review the instructions presented on the following URL (). This should guide you through the process of installing a password for use with the GUI.

5. Bug IDs fixed ( for more info):

N/A

6. Obsoleted by:

N/A

7. Conflicts with:

N/A

8. RPMs required:


Red Hat Linux 6.2:

intel:

alpha:

sparc:

sources:


9. Verification:

MD5 sum Package Name 179e502f88f149fe3bfb285af851a6d3 6.2/alpha/piranha-0.4.14-1.alpha.rpm 881622bc6403c2af38834c0deaf05d44 6.2/alpha/piranha-docs-0.4.14-1.alpha.rpm 7ffc63ec6f236afc0b19298ec29e6774 6.2/alpha/piranha-gui-0.4.14-1.alpha.rpm 1e04357c0ebb004185b834152667c644 6.2/i386/piranha-0.4.14-1.i386.rpm 5b6649f14979e1b2fbdb763d88e9a3ac 6.2/i386/piranha-docs-0.4.14-1.i386.rpm 1a49816f280dc7a9b83ba9bab42a247f 6.2/i386/piranha-gui-0.4.14-1.i386.rpm 4153b861f030a17745463c1749732b58 6.2/sparc/piranha-0.4.14-1.sparc.rpm dc964993d9a3b6c967e5c4455bc24221 6.2/sparc/piranha-docs-0.4.14-1.sparc.rpm 97071e07e2f34fecf80ba48f61e70ba6 6.2/sparc/piranha-gui-0.4.14-1.sparc.rpm


These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command: rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

Summary

Topics%20covered

Topics Covered

security advisory Red Hat Linux critical remote execution piranha web interface

References

This vulnerability was discovered and researched by Allen Wilson and Dan Ingevaldson of Internet Security Systems. Red Hat would like to thank ISS for the assistance in getting this problem fixed quickly. Cristian ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K -----BEGIN PGP SIGNATURE-----Version: 2.6.2 iQCVAwUBOQeN/fGvxKXU9NkBAQE7LwP/QnZL0RAfs5odNDee0htT3pxp8IxefuzY jg8aedrbqkbZHzUflaGsFZN1KlXXwpelQ1kO9ro2YAewDvOVRgUFZyEM0gOIRpaJ mAK3cgQageGG09Gg58X+Ov+3AD64R89ufv30YFakrblRYYCLmvZRn4e2zE97DgZM Qk5LS0w9ZoM=lrT3 -----END PGP SIGNATURE-----

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2000:014-16
Issue date: 2000-04-18
Updated on: 2000-04-26
Product: Red Hat Linux
Keywords: piranha
Cross references: php
:
The GUI portion of Piranha may allow any remote attacker to execute:
commands on the server. This may allow a remote attacker to launch:
additional exploits against a web site from inside the web server.:
:
This is an updated release that disables Piranha's web GUI interface:
unless the site administrator enables it explicitly.:
:

Topic

Topics%20covered

Topics Covered

security advisory Red Hat Linux critical remote execution piranha web interface

Relevant Releases Architectures

Red Hat Linux 6.2 - i386 alpha sparc

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here