CERT Advisory CA-2000-22 reports that the LPRng printer daemon can be exploited if not patched. Systems which offer print services should apply the appropriate RPM; systems which rely on print services offered by other systems do not need a printer daemon -- disable the service.
The RedHat Support site includes patches, security advisories and much more. We maintain a local mirror of RedHat Updates.
CERT Incident note IN-2000-09 reports an exploit of the telnetd daemon on SGI/IRIX systems -- we have seen several compromised systems. Systems must be patched (if a patch is available); alternatively the service should be disabled (ssh and rlogin services are acceptable alternatives).
The SGI Security Site includes patches, security advisories and much more.
CERT Advisory CA-2000-13 reports a vulnerability with the WU-FTP server -- some RedHat Linux systems are vulnerable. We have seen systems compromised using this vulnerability. Systems which offer an FTP service should verify that they have applied the appropriate RPM update; others are encouraged to disable the service.
The RedHat Support site includes patches, security advisories and much more. We maintain a local mirror of RedHat Updates.
CERT Advisory CA-2000-17 reports a vulnerability with the RPC statd component of NFS services. Sites which use NFS services should make sure the appropriate RPM update is applied; sites which do not require NFS services should disable the daemons.
The RedHat Support site includes patches, security advisories and much more. We maintain a local mirror of RedHat Updates.
Information Systems & Technology
University of Waterloo
200 University Avenue West
Waterloo, Ontario, Canada N2L 3G1
519 888 4567 x37070
Contact Us |
Give Us Feedback |
Privacy Statement