[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] New Vulnerability - zlib - Red Hat is vulnerable

Subject: Re: [cobalt-security] New Vulnerability - zlib - Red Hat is vulnerable
From: cobalt@xxxxxxxxxxxxx
Date: Thu, 14 Mar 2002 10:42:42 -0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On 13 Mar 2002 at 10:11, Rick Ewart wrote:

> Anyone seen this?
> http://www.kb.cert.org/vuls/id/368819
> 
> Here's the text... Any idea if Cobalts are vulnerable as Red Hat 6.2 is?
> Also, don't freak out - apparently nobody has seen it actually exploited
> yet.
> 
There is a list of apps affected by this at:

	http://www.gzip.org/zlib/apps.html

There is also a link to a perl script which will check for statically linked binaries:

	http://cert.uni-stuttgart.de/files/fw/find-zlib

Results from this script on Raq4i:

/bin
    rpm

/sbin
	install-info

/usr/bin
	mysql
    mysqladmin
    mysqldump
    mysqlimport
    mysqlshow
    mysqltest
    rpm2cpio

/usr/sbin
    mysqld
    pppdump

No other directories checked yet...

Ian

References:
- [cobalt-security] New Vulnerability - zlib - Red Hat is vulnerable
  - From: Rick Ewart

Prev by Date: Re: [cobalt-security] New Vulnerability - zlib - Red Hat is vulnerable
Next by Date: [cobalt-security] unoficial PHP 4.1.2 PKG bugged?
Previous by thread: Re: [cobalt-security] email forwarding aliases for non-users
Next by thread: [cobalt-security] Am I missing something here

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index