[CLUE-Talk] Fwd: Linux worm holes
Kevin Fenzi
kevin at scrye.com
Wed Jan 17 14:00:20 MST 2001
>>>>> "Michael" == "Michael J Hammel" <mjhammel at graphics-muse.org> writes:
Michael> Thus spoke Grant Johnson
>> If you use Red Hat 6.2 or Red Hat 7.0, and do not have the patches
>> in place, you are vulnerable, especially if you have an always on
>> broadband connection. Get the RPC and wu-FTPd patches NOW!!
Michael> I don't think KRUD is vulnerable if you have isinglass
Michael> properly configured since they don't use WU-FTP, right?
Michael> Evelyn? Kevin? Comments?
well, you should be safer with isinglass running...but possibly still
vunerable. If you enable ftp connections and are running an old redhat
6.2 with the unpatched wu-ftpd, then you could still be vunerable. If
you have ftp off in isinglass, you should be protected.
Also, this worm uses the LPRng bug in early RedHat 7.0, so if you are
running 7.0, you should make sure and have that fix in.
To summarize:
If you are running 6.2:
- make sure you have the wu-ftpd update
- make sure you have the rpc.statd update.
If you are running 7.0:
- make sure you have the LPRng update.
none of those are recent (the LPRng update was the first one for RH7
on Oct 3rd!). So if you have kept up to date, everything is fine. ;)
kevin
--
Kevin Fenzi
MTS, tummy.com, ltd.
http://www.tummy.com/ KRUD - Kevin's Red Hat Uber Distribution
More information about the clue-talk
mailing list