Red Hat Security Advisory: New version of usermode, pamJan 04, 2000, 17:12 (0 Talkback[s])
(Other stories by Michael K. Johnson)
Date: Tue, 04 Jan 2000 11:58:23 -0500
Red Hat, Inc. Security Advisory
Synopsis: New version of usermode fixes security bug
A security bug has been discovered and fixed in the userhelper program.
2. Relevant releases/architectures:
Red Hat Linux 6.0 and 6.1, all architectures.
3. Problem description:
A security bug was found in userhelper; the bug can be exploited to provide local users with root access.
The bug has been fixed in userhelper-1.17, and pam-0.68-10 has been modified to help prevent similar attacks on other software in the future.
For each RPM for your particular architecture, run:
5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla/ for more info):
6. Obsoleted by:
7. Conflicts with:
8. RPMs required:
MD5 sum Package Name
bffd4388103fa99265e267eab7ae18c8 i386/pam-0.68-10.i386.rpm 2d69859d2b1d2180d254fc263bdccf94 i386/usermode-1.17-1.i386.rpm fed2c2ad4f95829e14727a9dfceaca07 alpha/pam-0.68-10.alpha.rpm 83c69cb92b16bb0eef295acb4c857657 alpha/usermode-1.17-1.alpha.rpm 350662253d09b17d0aca4e9c7a511675 sparc/pam-0.68-10.sparc.rpm d89495957c9a438fda657b8a4a5f5578 sparc/usermode-1.17-1.sparc.rpm f9ad800f56b7bb05ce595bad824a990d SRPMS/pam-0.68-10.src.rpm 1d3b367d257a57de7d834043a4fcd87a SRPMS/usermode-1.17-1.src.rpm
These packages are GPG signed by Red Hat, Inc. for security. Our
key is available at:
You can verify each package with the following command:
If you only wish to verify that each package has not been
corrupted or tampered with, examine only the md5sum with the
Thanks to firstname.lastname@example.org for finding this bug.
0 Talkback[s] (click to add your comment)