Conectiva Linux Security Announcement - traceroute

Date: Sat, 30 Sep 2000 15:56:05 -0300
From: secure@CONECTIVA.COM.BR
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Conectiva Linux Security Announcement – traceroute

CONECTIVA LINUX SECURITY ANNOUNCEMENT

PACKAGE   : traceroute
SUMMARY   : Traceroute local root exploit
DATE      : 2000-09-30 15:55:00
RELEVANT
RELEASES  : 4.0, 4.0es, 4.1, 4.2, 5.0, prg gráficos, ecommerce, 5.1

DESCRIPTION
Previous releases of traceroute contained some problems that could
be exploited to gain local root access.

SOLUTION
All users should upgrade the traceroute package.

Many people contributed to this new version: Pekka Savola (who
first found the vulnerability), Chris Evans, Tim Robbins and
others, and also the maintainers of traceroute.

DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES

ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/traceroute-1.4a7-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.0/i386/traceroute-1.4a7-2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/traceroute-1.4a7-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.0es/i386/traceroute-1.4a7-2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/traceroute-1.4a7-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.1/i386/traceroute-1.4a7-2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/traceroute-1.4a7-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.2/i386/traceroute-1.4a7-2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/traceroute-1.4a7-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.0/i386/traceroute-1.4a7-2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/traceroute-1.4a7-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.1/i386/traceroute-1.4a7-2cl.i386.rpm