Red Hat Linux 6.2/6.1 Security Advisory

Back to Red Hat 6.2 Security Advisories Back to Red Hat Linux 6.1 Errata Advisories

Package imwheel-0.9.8-1 Synopsis imwheel buffer overflow Advisory ID RHSA-2000:016-02 Issue Date 2000-04-20 Updated on 2000-04-21 Product Red Hat Powertools Keywords imwheel buffer imwheel-solo 1. Topic: A buffer overflow exists in imwheel 2. Problem description: A vulnerability exists in the imwheel package where local users can execute arbitrary commands as root. 3. Bug IDs fixed: (see bugzilla for more information) N/A 4. Relevant releases/architectures: Red Hat Powertools 6.1 - i386 alpha sparc Red Hat Powertools 6.2 - i386 alpha sparc 5. Obsoleted by: N/A 6. Conflicts with: N/A 7. RPMs required: Red Hat Linux 6.1: Intel: ftp://updates.redhat.com/powertools/6.1/en/os/i386/imwheel-0.9.8-1.i386.rpm Alpha: ftp://updates.redhat.com/powertools/6.1/en/os/alpha/imwheel-0.9.8-1.alpha.rpm SPARC: ftp://updates.redhat.com/powertools/6.1/en/os/sparc/imwheel-0.9.8-1.sparc.rpm Source: ftp://updates.redhat.com/powertools/6.1/en/os/SRPMS/imwheel-0.9.8-1.src.rpm Red Hat Linux 6.2: Intel: ftp://updates.redhat.com/powertools/6.2/en/os/i386/imwheel-0.9.8-1.i386.rpm Alpha: ftp://updates.redhat.com/powertools/6.2/en/os/alpha/imwheel-0.9.8-1.alpha.rpm SPARC: ftp://updates.redhat.com/powertools/6.2/en/os/sparc/imwheel-0.9.8-1.sparc.rpm Source: ftp://updates.redhat.com/powertools/6.2/en/os/SRPMS/imwheel-0.9.8-1.src.rpm 8. Solution: For each RPM for your particular architecture, run: rpm -Uvh filename where filename is the name of the RPM. 9. Verification: MD5 sum Package Name ------------------------------------------------------------------------- fa97ae01087560b01ef0c08266e097b5 6.1/en/os/sparc/imwheel-0.9.8-1.sparc.rpm 921c50608059cd74840d070e5f538202 6.1/en/os/SRPMS/imwheel-0.9.8-1.src.rpm 0350d5be826d54f80948f4a4e9de6101 6.1/en/os/i386/imwheel-0.9.8-1.i386.rpm f1cc900d060fec5546a229f0a7a4d48d 6.1/en/os/alpha/imwheel-0.9.8-1.alpha.rpm fa97ae01087560b01ef0c08266e097b5 6.2/en/os/sparc/imwheel-0.9.8-1.sparc.rpm 0350d5be826d54f80948f4a4e9de6101 6.2/en/os/i386/imwheel-0.9.8-1.i386.rpm f1cc900d060fec5546a229f0a7a4d48d 6.2/en/os/alpha/imwheel-0.9.8-1.alpha.rpm 921c50608059cd74840d070e5f538202 6.2/en/os/SRPMS/imwheel-0.9.8-1.src.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: http://www.redhat.com/about/contact.html You can verify each package with the following command: rpm --checksig filename If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg filename Note that you need RPM >= 3.0 to check GnuPG keys. 10. References: http://www.securityfocus.com/vdb/bottom.html?vid=1060