[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] [Fwd: Cobalt Security Advisory - 07.24.2000 - Qpopper]

Subject: Re: [cobalt-security] [Fwd: Cobalt Security Advisory - 07.24.2000 - Qpopper]
From: "Florian Effenberger" <florian.effenberger@xxxxxxxxxxxxx>
Date: Tue, 25 Jul 2000 20:14:15 +0200

Hi,,

when will you release the "final" (non-experimental) version? :)

Thanks,
Florian

----- Original Message -----
From: "Jeff Lovell" <jlovell@xxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxx>
Sent: Tuesday, July 25, 2000 4:12 AM
Subject: [cobalt-security] [Fwd: Cobalt Security Advisory -
07.24.2000 - Qpopper]


> --------------------------------------------------
>
>   Cobalt Security Update Advisory - 07.24.2000
>
> --------------------------------------------------
> Abstract:
>
> Package Name:                              qpopper
> Date:                                July 24, 2000
> Platforms Affected:        RaQ1, RaQ2, RaQ3, Qube1
>
> --------------------------------------------------
> Description:
>
> Qpopper 2.53 and older may permit an attacker who has
> access to a valid account to obtain a shell with group-id
> 'mail', potentially allowing read/write access to all mail.
>
> The Cobalt Qube2 was updated in with the latest
> version of qpopper as of OS Update 3.0.  If you
> have not installed that update yet, it is recommended
> you do so as soon as possible.  It can be found
> at:
>
> ftp://ftp.cobalt.com/pub/packages/qube2/eng/Qube2-Update-OS-2.0.pkg
>
> --------------------------------------------------
> Location:
>
> RaQ3
>
ftp://ftp.cobaltnet.com/pub/experimental/security/qpopper/RaQ3-Qpopper
-3.0.2.pkg
> RaQ2
>
ftp://ftp.cobaltnet.com/pub/experimental/security/qpopper/RaQ2-Qpopper
-3.0.2.pkg
> RaQ1
>
ftp://ftp.cobaltnet.com/pub/experimental/security/qpopper/RaQ1-Qpopper
-3.0.2.pkg
> Qube1
>
ftp://ftp.cobaltnet.com/pub/experimental/security/qpopper/Qube1-Qpoppe
r-3.0.2.pkg
>
> --------------------------------------------------
> Verification: (md5sum)
>
> RaQ3:
> 7b278d6e3136e5f5f07ae90c783234eb  RaQ3-Qpopper-3.0.2.pkg
> RaQ2:
> 4996b2bee0765191e5d121e7b7cfc235  RaQ2-Qpopper-3.0.2.pkg
> RaQ1:
> 463f485f244f4c554132440a8bbec477  RaQ1-Qpopper-3.0.2.pkg
> Qube1:
> 27d7fb721c5d00b0f5708da9aa2a49c5  Qube1-Qpopper-3.0.2.pkg
>
> ---------------------------------------------------
> Correspondence:
>
> If have any comments about this update or have any
> technical issues directly relating to this update
> please contact Cobalt Security <security@xxxxxxxxxx>
>
> Jeff
> --
> Jeff Lovell
> Cobalt Networks, Inc.
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security

Follow-Ups:
- Re: [cobalt-security] [Fwd: Cobalt Security Advisory - 07.24.2000 - Qpopper]
  - From: Jeff Lovell

References:
- [cobalt-security] [Fwd: Cobalt Security Advisory - 07.24.2000 - Qpopper]
  - From: Jeff Lovell

Prev by Date: Re: [cobalt-security] [Fwd: Cobalt Security Advisory - 07.24.2000 - Qpopper]
Next by Date: Re: [cobalt-security] [Fwd: Cobalt Security Advisory - 07.24.2000 - Qpopper]
Previous by thread: Re: [cobalt-security] [Fwd: Cobalt Security Advisory - 07.24.2000 - Qpopper]
Next by thread: Re: [cobalt-security] [Fwd: Cobalt Security Advisory - 07.24.2000 - Qpopper]

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index