COMMAND

    /bin/login

SYSTEMS AFFECTED

    Red Hat 4.0

PROBLEM

    There is a buffer overrun in /bin/login which has the potential to
    allow   any   user   of   your   system   to   gain  root  access.
    util-linux-2.5-29 contains  a fix  for this  and is  available for
    Red  Hat  Linux  4.0  on  all  four  platforms.   Red Hat strongly
    recommend that  all of  Red Hat  4.0 usres  apply this  fix.  This
    information was brought to public thanks to Erik Troan.

SOLUTION

    Users of Red  Hat Linux versions  earlier then 4.0  should upgrade
    to 4.0 and then apply all available security pacakges.

    Users whose computers have  direct internet connections may  apply
    this update by using one of the following commands:


        Intel:
        rpm -Uvh ftp://ftp.redhat.com/updates/4.0/i386/util-linux-2.5-29.i386.rpm

        Alpha:
        rpm -Uvh ftp://ftp.redhat.com/updates/4.0/axp/util-linux-2.5-29.axp.rpm

        SPARC:
        rpm -Uvh ftp://ftp.redhat.com/updates/4.0/sparc/util-linux-2.5-29.sparc.rpm

    All of these packages have been signed with Red Hat's PGP key.