[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] (no subject)
- Subject: Re: [cobalt-security] (no subject)
- From: Menno M Jansz <lists@xxxxxxxxx>
- Date: Thu, 14 Feb 2002 16:34:35 -0000
- Organization: Jansz.com
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi,
When/how do Sun advise us of this, and other security vulnerabilities? I was expecting a mail on the cobalt-announce list or here,
but haven't seen anything.
Cheers,
Menno
14/02/2002 15:14:08, Matt Barton <matt@xxxxxxxxxx> wrote:
>On Thu, 14 Feb 2002, dean browett wrote:
>
>> When can I expect to be able to get a pkg for the recent snmp
>> vulnerability disclosure or can someone point me in the direction of
>> another source?
>
>I executed "/usr/sbin/snmpd -V" on my RaQ 4 and got the following.
>
>cmu-snmp for Linux v3.7; Jul 1999
>http://www.gaertner.de/snmp/ -- The Linux CMU SNMP Project
>(compiled without IPX support)
>
>The CERT advisory that was released on Tuesday did not mention the CMU
>SNMP Project in the vendor list. So I went to the URL above and it said
>that the CMU SNMP Project has been discontinued. It recommends switching
>to NET-SNMP (aka UCD-SNMP).
>
>I think that if Cobalt is going to patch the service we'll end up getting
>a completely different SNMP agent, which is likely to push the release
>date of the package.
>
>I was using MRTG, which uses SNMP, to monitor bandwidth usage on the two
>Cobalt's we have, but I have turned off SNMP after read the advisory,
>which is what I recommend we all do until Cobalt advises us.
>
>--
>
>Matt Barton
>Webexcellence
>matt@xxxxxxxxxx
>Phone: 317.423.3548 x22
>Fax: 317.423.8735
>www.webexc.com
>
>_______________________________________________
>cobalt-security mailing list
>cobalt-security@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-security
>
>