-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
              AUSCERT External Security Bulletin Redistribution
                             
                      ESB-2000.176 -- RHSA-2000:043-02
                   Updated package for nfs-utils available
                                18 July 2000

===========================================================================

	AusCERT Security Bulletin Summary
	---------------------------------

Product:		nfs-utils
Vendor:			Red Hat
Operating System:	Red Hat Linux
			Linux
Platform:		N/A

Impact:			Root Compromise
Access Required:	Remote

- --------------------------BEGIN INCLUDED TEXT--------------------

- ---------------------------------------------------------------------
                   Red Hat, Inc. Security Advisory

Synopsis:          Updated package for nfs-utils available
Advisory ID:       RHSA-2000:043-02
Issue date:        2000-07-17
Updated on:        2000-07-17
Product:           Red Hat Linux
Keywords:          rpc.statd root compromise
Cross references:  N/A
- ---------------------------------------------------------------------

1. Topic:

The rpc.statd daemon in the nfs-utils package shipped in Red Hat
Linux 6.0, 6.1, and 6.2 contains a flaw that could lead to a
remote root break-in.

2. Relevant releases/architectures:

Red Hat Linux 6.0 - i386, alpha, sparc
Red Hat Linux 6.1 - i386, alpha, sparc
Red Hat Linux 6.2 - i386, alpha, sparc

3. Problem description:

The rpc.statd daemon shipped in Red Hat Linux 6.0, 6.1, and 6.2
contains a flaw that could lead to a remote root break-in.
Version 0.1.9.1 of the nfs-utils package corrects the problem.
Although there is no known exploit for the flaw in rpc.statd,
Red Hat urges all users running rpc.statd to upgrade to
the new nfs-utils package.

Users should note that in Red Hat Linux 6.0 and 6.1 the rpc.statd
daemon was in the knfsd-clients package.  The nfs-utils package
replaces both the knfsd and knfsd-clients packages shipped in
Red Hat Linux 6.0 and 6.1.

On systems running a kernel older than 2.2.16-3, users should
also take this opportunity to upgrade to the latest kernel
release.

4. Solution:

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

N/A

6. RPMs required:

Red Hat Linux 6.2:

sparc:
ftp://updates.redhat.com/6.2/sparc/nfs-utils-0.1.9.1-1.sparc.rpm

alpha:
ftp://updates.redhat.com/6.2/alpha/nfs-utils-0.1.9.1-1.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/i386/nfs-utils-0.1.9.1-1.i386.rpm

sources:
ftp://updates.redhat.com/6.2/SRPMS/nfs-utils-0.1.9.1-1.src.rpm

7. Verification:

MD5 sum                           Package Name
- --------------------------------------------------------------------------
fb038f83f091c8ba3c81d272b19aab0b  6.2/SRPMS/nfs-utils-0.1.9.1-1.src.rpm
9ffff59f1ac1dbe09694d70abaf356d2  6.2/alpha/nfs-utils-0.1.9.1-1.alpha.rpm
c8fb4d05baca53e48e94c7759304726f  6.2/i386/nfs-utils-0.1.9.1-1.i386.rpm
0c32df4230662b6e48251fcb220364d1  6.2/sparc/nfs-utils-0.1.9.1-1.sparc.rpm

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
    http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
    rpm --checksig  <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg <filename>
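The verification steps in section 7 can be scripted so that a set of downloaded packages is checked against the published "MD5 sum / Package Name" table, and nothing is installed if any entry is missing or altered. The following is an added example written for this bulletin; it is not part of the Red Hat advisory or the AusCERT text. It assumes GNU coreutils `md5sum` is available, and it only calls `rpm --checksig` when `rpm` is present on the system. The file names and checksums used in the demo are constructed for illustration, not the advisory's values.

```shell
#!/bin/sh
# Added example: verify packages against a published "<md5>  <path>" list
# before installing them. Not Red Hat's or AusCERT's code.
# Assumes: GNU md5sum; rpm is optional (signature step skipped without it).

# md5_of FILE -> prints the hex MD5 of FILE
md5_of() {
    md5sum "$1" | cut -d' ' -f1
}

# verify_one FILE EXPECTED -> 0 if FILE exists and its MD5 equals EXPECTED
verify_one() {
    file=$1; expected=$2
    [ -f "$file" ] || { echo "MISSING  $file"; return 1; }
    actual=$(md5_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK       $file"
        return 0
    fi
    echo "MISMATCH $file (expected $expected, got $actual)"
    return 1
}

# verify_list LIST DIR -> walks a list laid out like the advisory's table
# ("<md5>  <relative path>", with a header and a dashed rule), resolving
# each path under DIR. Returns 1 if ANY entry is missing or altered, so a
# caller can refuse to run rpm -Fvh on a partially bad set.
verify_list() {
    list=$1; dir=$2; bad=0
    while read -r sum path; do
        case $sum in ''|'-'*|MD5*) continue ;; esac   # skip header/rule lines
        verify_one "$dir/$path" "$sum" || bad=1
    done < "$list"
    return $bad
}

# checksig_if_available FILE -> rpm --checksig when rpm is installed,
# otherwise report that the GPG signature was not checked.
checksig_if_available() {
    if command -v rpm >/dev/null 2>&1; then
        rpm --checksig "$1"
    else
        echo "rpm not found; GPG signature of $1 not checked"
        return 0
    fi
}

# demo_run -> builds a constructed package set and checksum list in a temp
# dir, verifies it, then tampers with one file and confirms the mismatch is
# caught. Returns 0 only if both outcomes are as expected.
demo_run() {
    d=$(mktemp -d) || return 1
    printf 'hello\n' > "$d/nfs-utils-demo.i386.rpm"   # constructed content
    : > "$d/nfs-utils-demo.src.rpm"                    # constructed (empty)
    printf '%s\n' \
        'MD5 sum                           Package Name' \
        '- ----------------------------------------------' \
        'b1946ac92492d2347c6235b4d2611184  nfs-utils-demo.i386.rpm' \
        'd41d8cd98f00b204e9800998ecf8427e  nfs-utils-demo.src.rpm' \
        > "$d/sums.txt"
    verify_list "$d/sums.txt" "$d" || { rm -rf "$d"; return 1; }
    printf 'tampered\n' > "$d/nfs-utils-demo.i386.rpm"
    if verify_list "$d/sums.txt" "$d"; then rm -rf "$d"; return 1; fi
    rm -rf "$d"
    return 0
}

if [ "${1:-}" = "--demo" ]; then demo_run; fi
```

Run the script with `--demo` to see both a clean pass and a detected mismatch. A matching checksum only shows that the file equals the copy the bulletin describes; because the MD5 table is inside the PGP-signed bulletin, that comparison inherits its trust from the bulletin's signature, and `rpm --checksig` (without `--nogpg`) additionally binds the package itself to Red Hat's key. The md5 line in `verify_one` is the `--nogpg` check from the advisory; `checksig_if_available` is the full check.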

8. References:

N/A

- --------------------------END INCLUDED TEXT--------------------

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.  The decision to use any or all of this information is
the responsibility of each user or organisation, and should be made in
accordance with site policies and procedures.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the original authors to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

	http://www.auscert.org.au/Information/advisories.html

If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).

Internet Email: auscert@auscert.org.au
Facsimile:	(07) 3365 7031
Telephone:	(07) 3365 4417 (International: +61 7 3365 4417)
		AusCERT personnel answer during Queensland business hours
		which are GMT+10:00 (AEST).
		On call after hours for emergencies.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key

iQCVAwUBOXXUICh9+71yA2DNAQH3BQP7BWUNj/QyRTrQ3+ilpGnHRrLbZe3X+Q+/
RN+M3vK3/V+3BaQVhUIKHqJyJculk8MK+EUBDNuF5jGEKBKsfgW6Un6CPTUhQKML
IbFKUd5TrKJWpRp1mbAesrvZkqqFtjrVspCNaZ6oJ6R7vv7DP9+f9TCSFutwoMVP
E2jDBVEpNbo=
=SjS8
-----END PGP SIGNATURE-----