rhsa.2000-030-02.ntop

rhsa.2000-030-02.ntop: Posted Aug 9, 2000; Site redhat.com; Red Hat Security Advisory - The version of ntop which was included in Red Hat Powertools 6.2 has a remote exploit in which arbitrary files can be read on the host machine as root.; tags | remote, arbitrary, root; systems | linux, redhat; SHA-256 | 6bf66bc7d72b0e7c4a0cbee5777f2fa0ddd1a7e66defd6e878e4e03d69093b92; Download | Favorite | View

rhsa.2000-030-02.ntop

---------------------------------------------------------------------
                   Red Hat, Inc. Security Advisory

Synopsis:          Remote file access vulnerability in ntop
Advisory ID:       RHSA-2000:049-02
Issue date:        2000-08-07
Updated on:        2000-08-08
Product:           Red Hat Powertools
Keywords:          N/A
Cross references:  N/A
---------------------------------------------------------------------

1. Topic:

The version of ntop which was included in Red Hat Powertools 6.2 has a
remote exploit in which arbitrary files can be read on the host machine.

2. Relevant releases/architectures:

Red Hat Powertools 6.2 - i386, alpha, sparc

3. Problem description:

If ntop is run with the Web interface it allows any user to connect and
access all files on the host machine.

4. Solution:

For the Alpha architecture please remove ntop by running:

rpm -e ntop

For Sparc and i386 run:

rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

N/A

6. RPMs required:

Red Hat Powertools 6.2:

sparc:
ftp://updates.redhat.com/powertools/6.2/sparc/ntop-1.3.1-1.sparc.rpm

i386:
ftp://updates.redhat.com/powertools/6.2/i386/ntop-1.3.1-1.i386.rpm

sources:
ftp://updates.redhat.com/powertools/6.2/SRPMS/ntop-1.3.1-1.src.rpm

7. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
8620607a310e28385cfc4961b3c909a9  6.2/SRPMS/ntop-1.3.1-1.src.rpm
188636458d73d66ea6e7d61aec64fc5b  6.2/i386/ntop-1.3.1-1.i386.rpm
e6415fc286119023f321ce7e5bdbfce9  6.2/sparc/ntop-1.3.1-1.sparc.rpm

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
    http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
    rpm --checksig  <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg <filename>

8. References:

N/A


Copyright(c) 2000 Red Hat, Inc.

Top Authors In Last 30 Days

Red Hat 410 files
Ubuntu 104 files
Debian 30 files
Rahad Chowdhury 21 files
BugsBD Limited 21 files
Gentoo 18 files
tmrswrr 14 files
Google Security Research 5 files
Ph0s 5 files
R0ckE7 5 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,914)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,884)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,645)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,149)
UNIX (9,340)
UnixWare (187)
Windows (6,607)
Other

rhsa.2000-030-02.ntop

rhsa.2000-030-02.ntop

File Archive:

December 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

rhsa.2000-030-02.ntop

Share This

rhsa.2000-030-02.ntop

File Archive:

December 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems