[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Traceroute on Cobalts...

Subject: Re: [cobalt-security] Traceroute on Cobalts...
From: Jeff Lovell <jlovell@xxxxxxxxxx>
Date: Mon, 09 Oct 2000 11:58:09 -0700
Organization: Cobalt Networks, Inc.
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Gossi The Dog wrote:
> 
> === local root exploit.  Bugtraq informed, details on the list.
> 
> In the meantime, chmod o-rwx /usr/sbin/traceroute; chown root:admin
> /usr/sbin/traceroute so no users can access it (web only users can call it
> via php).

RPMs are now available to address this problem.  They are currently being
verified by our SQA department.  If you would like to update the RPMs
directly, they are available at:

RaQ3 and RaQ4:
ftp://ftp.cobaltnet.com/pub/experimental/RPMS/traceroute-1.4a5-24.6x.i386.rpm

SRPM:
ftp://ftp.cobaltnet.com/pub/experimental/SRPMS/traceroute-1.4a5-24.6x.src.rpm

Verification (md5sum):
49bd824f9f4784ce9c45fa54285c7aa0  RPMS/traceroute-1.4a5-24.6x.i386.rpm
9fc2151d7cca01185add0ed085efcde0  SRPMS/traceroute-1.4a5-24.6x.src.rpm

These RPMs are directly from Redhat.  Until the official release in the
form of a Cobalt pkg file, these RPMs are to be considered experimental
due to the absence of regression tests.

Jeff

--
Jeff Lovell
Cobalt Networks, Inc.

References:
- [cobalt-security] Traceroute on Cobalts...
  - From: Gossi The Dog

Prev by Date: Re: [cobalt-security] unsubscribe
Next by Date: [cobalt-security] SSH not able to Make on Cobalts
Previous by thread: [cobalt-security] Traceroute on Cobalts...
Next by thread: [cobalt-security] mailproblems after RaQ2 upgrade.

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index