[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] New Exploit?
- Subject: Re: [cobalt-security] New Exploit?
- From: David Kennedy CISSP <david.kennedy@xxxxxxx>
- Date: Wed, 19 Dec 2001 07:58:03 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
-----BEGIN PGP SIGNED MESSAGE-----
At 09:11 AM 12/11/01 +0100, Taco Scargo wrote:
>The latest kernel for RaQ 4 is 2.2.16C28. This version includes the
>patch to close the above mentioned rule. So either you hadn't
>installed the latest kernel (which was posted on September 20,
>2001) or you didn't reboot after installation.
It might have been useful had the cobalt-announce item on this
mentioned it was a security-related patch.
>=======================================
>Software Updates For Sun Cobalt RaQ 4
>=======================================
>RaQ4-All-Kernel-1.0.1-2.216C28III: Special Characters 1.0.1
>Requires Reboot: YES
>MD5 Check Sum: dad1efe8427613aa4830f85068529647
>
>Kernel C24 and C27 would not allow the system to switch to the
>correct disk after a RAID failure. To correct this a new modutils
>has been included for the gen III Kernel so that the bandwidth
>module could correctly load automatically after a reboot.Also
>included in the update is the fix for the sysctl negative offset bug
>as well as the ptrace setuid bug.
>
>
Compare the above to:
>=======================================
>Software Updates For Sun Cobalt RaQ 4
>=======================================
>RaQ4-All-Security-1.0.1-10749: Running Bind as Named 1.0.1
>Requires Reboot: YES
>MD5 Check Sum: 6551930df28b21af5ba2d457ef2a2f0f
>
>This patch addresses an issue with the way named is run on Sun
>Cobalt Server Appliances. Currently, named is run with root
>permissions, this patch adds a user named 'named', and installs new
>initscripts to startup named with the proper arguments to run as the
>user named.
>
The first notice looks to correct a few bugs. The second clearly
tells administrators there's a security issue to be fixed. Some
administrators put different priorities on security patches versus
bug-fixes that may not apply to their environments.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: hacker=cybercriminal--the definition changed; get over it
iQCVAwUBPCCO2fGfiIQsciJtAQEjGAP7BswVaJ2/+yvq9PG5+vZQ8W/Ii7xWTpuF
Z3nkVX+FKC5MY1TsrEXswH4w+W293OIs6RGyB6lsSVb/HSH15spLjlQ8j2XqXEIA
F3k0/JrL9RqZ6YuJVq9JEcJWcvPWXCJuxv18sRffwsP8y6NPll8RaUm/9MCe6QnC
YTbboqtf4nc=
=MAb4
-----END PGP SIGNATURE-----
--
Regards,
David Kennedy CISSP /"\
Director of Research Services, \ / ASCII Ribbon Campaign
TruSecure Corp. http://www.trusecure.com X Against HTML Mail
Protect what you connect; / \
Look both ways before crossing the Net.