[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Reports stoped on 15 may 2001

Subject: Re: [cobalt-security] Reports stoped on 15 may 2001
From: ProServe - Peter Batenburg <peter@xxxxxxxxxxx>
Date: Mon, 11 Jun 2001 21:22:16 +0200 (CEST)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi,

Maybe you can ask the people who release these patches to make proper
descriptions of it. It says now:
====
This security update prevents a buffer overflow exploit via analog using
the "alias" command. This package upgrades analog to v4.16-1(C1).
====
And NOTHING about log rotation. Maybe it's normal to you, but to some
customers it could be kind off confusing.

With kind regards,

Peter Batenburg

ProServe
Prisma 100
3364 DJ Sliedrecht
Tel.: 0184 - 423 815
Fax: 0184 - 417 160
http://www.proserve.nl

**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the sender by replying the email and please remove
the files from your computer.

This footnote also confirms that this email message has been swept
for the presence of computer viruses.
**********************************************************************

On Mon, 11 Jun 2001, Wouter van Reeven wrote:

> Hi,
>
> Cobalt has released an official fix for the logrotation problems found
> on our machines. Please go to
> http://www.cobalt.com/support/download/raq4.eng.html and install the
> analog Update 1.0.2 package (RaQ4-All-Security-1.0.2-9769.pkg). This
> should solve the problem.
>
>
> Kind regards,
>
>
> > We have seen this problems on some RaQ3's from customers. Cobalt does not
> > have an official fix, but their working on it. (Standard reply?)
> > I saw some post in cobalt-users with the url to the beta fix. Not
> > supported by Cobalt ofcourse.
> > I must note that on that RaQ3's it was possible to see the stats when you
> > went to Site Management -> Site Usage. But not at the Server
> > Management. By the way, this isn't really a security problem.
> >
> > With kind regards,
> >
> > Peter Batenburg
> >
> > ProServe
> > Prisma 100
> > 3364 DJ Sliedrecht
> > Tel.: 0184 - 423 815
> > Fax: 0184 - 417 160
> > http://www.proserve.nl
> >
> > On Sat, 9 Jun 2001, Jeroen Beukers wrote:
> >
> > > Hi,
> > >
> > > We have a Cobalt Raq4i server where we host various domains. Everything
> > > works properly besites one element.
> > > There are no longer reports (statistics) issued as from May 15/16 2001. All
> > > updates and patches are installed.
> > > If we review the reports we note that these are stopped on aforementioned
> > > date. Does anybody see this problem before and has a solution ??
> > >
> > > Jeroen Beukers
> > > mailto: jeroen@xxxxxxxxxx
> > > NetTune BV
> > > www.nettune.nl

References:
- Re: [cobalt-security] Reports stoped on 15 may 2001
  - From: Wouter van Reeven

Prev by Date: Re: [cobalt-security] profile of a bind worm
Next by Date: Re: [cobalt-security] profile of a bind worm
Previous by thread: Re: [cobalt-security] profile of a bind worm
Next by thread: [cobalt-security] Come DownUnder and get a RaQ4 StoreSense for US$49 (AU$99)/mth OR own the server outright $149/month - 1 year - incs colocation + Unlimited Data Output

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index