[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!

Subject: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
From: "Zeffie" <cobaltlist@xxxxxxxx>
Date: Thu, 15 Aug 2002 13:52:43 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Folks,

    The recent RaQ4-en-Security-2.0.1-SHP.pkg allows a remote attacker to
cause system crashes.  To avoid this I suggest you disable the Scan
Detection in Parameters by selecting "do nothing".  Else you might not be
happy...

I have written a small script that can reproduce the problem consistently.

I don't seem to be able to find any way to contact Sun cobalt about this.

what to do?  maybe a whitepaper advert??

Sun Cobalt Please Call or contact me

Zeffie
http://www.zeffie.com/

Follow-Ups:
- Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
  - From: Gerald Waugh
- Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
  - From: Paul Jacobs
- Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
  - From: Michael Stauber
- Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
  - From: Bruce Timberlake

Prev by Date: Re: [cobalt-security] RaQ 550 and bandwidth monitoring?
Next by Date: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
Previous by thread: Re: [cobalt-security] RaQ 550 and bandwidth monitoring?
Next by thread: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index