dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


TechRepublic: Ramen noodles: Not just a cheap snack - Are you vulnerable?

Jan 28, 2001, 20:35 (9 Talkback[s])
(Other stories by Jack Wallen)

"Are you vulnerable?
The list of vulnerable Linux distributions is quite long, so we'll go about this an easier way. Open a console window and type the command:

rpm -q wu-ftpd
If the results are anything earlier than 2.6.0-7, you need to upgrade immediately. Visit rpmfind and download the latest version of wu-ftpd (specific to your distribution, if necessary). The second check is for rpc.statd. This service is provided via nfs-utils and is a remote format string vulnerability. For this check, run the command:
rpm -q nfs-utils
If you come up with anything earlier than 0.1.9.1-4, you need to upgrade. Run the same routine you used for wu-ftpd. The last step is to check LPRng. This utility handles remote printing in many Linux systems and like rpc.statd, has format string vulnerabilities (only it's user-defined). Run the command:
rpm -q LRPng
If you come up with anything earlier than 3.3.5-3, you'll need to upgrade the entire LPRng package set to the latest versions."

Complete Story

Related Stories: