[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Traceroute on Cobalts...
- Subject: Re: [cobalt-security] Traceroute on Cobalts...
- From: Jeff Lovell <jlovell@xxxxxxxxxx>
- Date: Mon, 09 Oct 2000 11:58:09 -0700
- Organization: Cobalt Networks, Inc.
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Gossi The Dog wrote:
>
> === local root exploit. Bugtraq informed, details on the list.
>
> In the meantime, chmod o-rwx /usr/sbin/traceroute; chown root:admin
> /usr/sbin/traceroute so no users can access it (web only users can call it
> via php).
RPMs are now available to address this problem. They are currently being
verified by our SQA department. If you would like to update the RPMs
directly, they are available at:
RaQ3 and RaQ4:
ftp://ftp.cobaltnet.com/pub/experimental/RPMS/traceroute-1.4a5-24.6x.i386.rpm
SRPM:
ftp://ftp.cobaltnet.com/pub/experimental/SRPMS/traceroute-1.4a5-24.6x.src.rpm
Verification (md5sum):
49bd824f9f4784ce9c45fa54285c7aa0 RPMS/traceroute-1.4a5-24.6x.i386.rpm
9fc2151d7cca01185add0ed085efcde0 SRPMS/traceroute-1.4a5-24.6x.src.rpm
These RPMs are directly from Redhat. Until the official release in the
form of a Cobalt pkg file, these RPMs are to be considered experimental
due to the absence of regression tests.
Jeff
--
Jeff Lovell
Cobalt Networks, Inc.