[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] SDI remote ProFTPD exploit
- Subject: Re: [cobalt-security] SDI remote ProFTPD exploit
- From: Brian Foy Jr <cio@xxxxxxxxxxxxx>
- Date: Wed, 27 Sep 2000 16:25:10 -0400
- Organization: eWebPlace.com, Inc.
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Your right. In the end getting the information out there (and that includes the
actual exploits so we can test our servers) is the only way to help us figure out
how vaunerable we are, and how hard we have to push for a fix.
I'm off to look up the exploit at: www.securityfocus.com
They do a pretty good job of documenting this type of thing
and often have sugestions on how to fix it.
Brian
Theodore Jones wrote:
> Well,
>
> If the hackers saw the last messages and indeed are monitoring this list, they
> already know about it I would guess. I probably could have done a search to
> track this report down, but I'll admit to being slogged with "issues" all day
> and was looking for a lazy alternative....
>
> I appreciate your concern, but the "security by obscurity" issue has been
> thrashed out before in this forum. I say let the information flow, block the
> holes when we find out about them, and let everyone here know loud and clear....
>
> My humble opinion only,
>
> ~ Theo
>
> Mark Baker - Cobalt Lists wrote:
>
> > Is that a good idea? This list is watched by hackers.
> >
> > Regards,
> >
> > Mark Baker
> > Dark Marketing Ltd
> > http://www.yoursitehere.co.uk
> >
> > Reply e-mail: mark@xxxxxxxxxxxxxxxxxx
> > ----- Original Message -----
> > From: Theodore Jones <theoj@xxxxxxxxxxxxx>
> > To: <cobalt-security@xxxxxxxxxxxxxxx>
> > Sent: Wednesday, September 27, 2000 7:44 PM
> > Subject: Re: [cobalt-security] SDI remote ProFTPD exploit
> >
> > > Can you send out a link to the report on this exploit possibly?
> > >
> > > ~ Theo
> > >
> > > Audric Leperdi wrote:
> > >
> > > > SDI remote ProFTPD exploit (Sept2K)
> > > >
> > > > Does the latest patch fix this exploit now publicly & widely available??
> > > >
> > > > Audric Leperdi
> > > > evolutiva s.r.l. - Via Varallo, 30 - 10153 Torino (TO) - Italy
> > > > Tel. +39.011.8121617 - Fax +39.011.8121614 - http://www.evolutiva.com
> > > > _____________________________________________________________________
> > > >
> > > > Il contenuto di questo messaggio è confidenziale e la lettura o la
> > > > divulgazione non autorizzata dello stesso viola i diritti di privacy del
> > > > mittente e del desinatario.
> > > > Se avete ricevuto questo messaggio per errore siete pregati di
> > distruggerlo
> > > > e di avvertire il mittente.
> > > >
> > > > This message is confidential and unauthorised reading or disclosing of
> > it
> > > > infringes privacy rights of sender and recipent.
> > > > If you are not the intended recipient of this message, please destroy it
> > and
> > > > inform the sender.
> > > > Tel 011 8121617 - Fax 011 8121614
> > > >
> > > > _______________________________________________
> > > > cobalt-security mailing list
> > > > cobalt-security@xxxxxxxxxxxxxxx
> > > > http://list.cobalt.com/mailman/listinfo/cobalt-security
> > >
> > > _______________________________________________
> > > cobalt-security mailing list
> > > cobalt-security@xxxxxxxxxxxxxxx
> > > http://list.cobalt.com/mailman/listinfo/cobalt-security
> >
> > _______________________________________________
> > cobalt-security mailing list
> > cobalt-security@xxxxxxxxxxxxxxx
> > http://list.cobalt.com/mailman/listinfo/cobalt-security
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security