[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Open letter to SUN/Cobalt
- Subject: Re: [cobalt-security] Open letter to SUN/Cobalt
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Thu, 3 May 2001 03:58:32 +0200
- Organization: Forumworld.com
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Jeff,
first of all many thanks for your detailed reply. It's much appreciated.
> This was fixed ages ago. If you have update 4.0 installed on your
> RaQ3 (assuming this is what you have the RaQ4 shipped with 3.0.2),
> you should be running 3.0.2 of qpopper. If for some reason you
> are still showing 2.53 and you have update 4.0 installed, you most
> likely installed an old version of pop-before-relay which may have
> contained a qpopper binary.
Hmm ... yes I once had an earlier version of Pop-before-SMTP installed, so it
might be that the update 4 .0 partially failed due to that. I'll grab the RPM
from the mentioned URL and will try it again.
> > ProFTPD 1.2.0rc3
>
> This has been in testing, and should be posted by the end of this week.
> In the meantime, you can pick up experimental copies of the RPMS we are
> testing from [...]
Cool. Another worry less. :o)
> I am only aware of a DoS against proftpd the proftp version that is
> currently on boxes.
Yes, the one relying on the glob() function as outlined in
http://www.cert.org/advisories/CA-2001-07.html
> If you could point me to a root exploit for this
> version (1.2.0rc3), I would greatly appreciate it. I can make sure a
> working exploit gets into the hands of the sustaining/sqa group so they
> can test appropriately.
I can't lay the finger on this procedure, but I've seen the CERT advisory
about it. Gimme a couple of hours of sleep first and I'll try to dig it up.
>> Kernel
>
> The kernel has already been fixed, and is going through an SQA cycle.
> It should be available shortly, it is 2.2.16C25, it is currently available
> in an unsupported rpm at:
Outch. Unsupported RPMs <g>. I spent the last two days recompiling kernels on
two machines that I have physical access to. I don't want to expose my
colocated RaQs to this kind of potentially risky update, so I'd rather wait
for the supported RPMs or PKGs. But it's good to know that you guys are
working at it and that a fixed kernel will be out soon.
Question: So the new kernels fix the ptrace() and sysctl() functions
properly?
> I hope I have addressed all of your concerns above.
Yes, you did and I really appreciate all the pointers and information.
You see, if you could make your patch-work (gee, playing with words here, no
pun intended) a little bit more transparent to guys like me (either on the
website or on this list) then that would be most beneficial and could stop a
couple of worries.
Nobody is expecting miracles from you, or exact dates when a patch will be
out. But a note that something about open issues is in the works would be
fine in any case. :o)
> updates have been a little slow to come out, and I can tell you that
> sustaining team is addressing these issues.
Good to know. Thanks again!
--
Mit freundlichen Grüßen / Best regards
Michael Stauber