[cobalt-security] Security Alert on MIPS based Cobalts

["Franklin S. Werren" <fswerren@xxxxxxxxxxxx>]

Hello All;

If you leave port 81 open to the net and use a MIPS
based Cobalt server, Raq 1 and 2? Qubes etc...
you may leave yourself open to compromises....

I did not find it on a Intel base RAQ3i
I did not check a RAQ 2 but I suspect it is the same

Try this www.yourdomain.com:81./cobalt
www.yourdomain.com:81/.cobalt/install 
www.yourdomain.com:81/cobalt/siteManage
others are
shared
images
help
error
appletData
about

You must use the main Domain not a virtual domain on a server

I found it on my Qube 2...Real Cute!!!
I do not let port 81 to connect outside my LAN.
so I have access to all the port 81 admin functions

I like my Qube but I think Cobalt has been real sloppy
with a proven OS like RedHat Linux.

I do not know how to fix this yet.....


Franklin S. Werren, webmaster@xxxxxxxxxxxx   www.bagpipes.net
Modem Madness Ringmaster at www.madbbs.com/webring/ 
ICQ 8556386 or fswerren46 on AOL's IM or fswerren46 for MSN Messenger

Frank's Radio, P.O. Box 990, Sherman NY 14781-0990
www.franksradio.net 
For the best ISP in Chautauqua County NY and North West Pa
go to www.madbbs.com    They treat you right.


BEGIN:VCARD
VERSION:2.1
N:Werren;Franklin;S
FN:Franklin S Werren
NICKNAME:Frank
ORG:Frank's Radio
TITLE:Owner
TEL;WORK;FAX:716-761-6460
ADR;WORK:;716-753-3500;P.O. Box 990;Sherman;NY;14781-0990;USA
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:716-753-3500=0D=0AP.O. Box 990=0D=0ASherman, NY 14781-0990=0D=0AUSA
X-WAB-GENDER:2
URL:
URL:http://www.franksradio.net
BDAY:19550617
EMAIL;PREF;INTERNET:webmaster@xxxxxxxxxxxx
EMAIL;INTERNET:fswerren@xxxxxxxxxxxx
EMAIL;INTERNET:fswerren@xxxxxxxxxx
EMAIL;INTERNET:n2jyg@xxxxxxxxxx
EMAIL;INTERNET:webmaster@xxxxxxxxxxxxxxx
REV:20001007T000450Z
END:VCARD