[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!

Subject: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
From: Bruce Timberlake <Bruce.Timberlake@xxxxxxx>
Date: Thu, 15 Aug 2002 14:56:41 -0700
Organization: Sun Microsystems, Inc.
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Zeffie wrote:

Hi Folks,

    The recent RaQ4-en-Security-2.0.1-SHP.pkg allows a remote attacker to
cause system crashes.  To avoid this I suggest you disable the Scan
Detection in Parameters by selecting "do nothing".  Else you might not be
happy...

I have written a small script that can reproduce the problem consistently.

I don't seem to be able to find any way to contact Sun cobalt about this.

what to do?  maybe a whitepaper advert??

Sun Cobalt Please Call or contact me

Email Shaun White (shaun.white@xxxxxxx) - he's in charge of securitystuff, and runs cobalt-security list as well...


--
Bruce Timberlake
Cobalt/Linux Technology Engineer
Communications Market Area
Sun Microsystems, Inc. - San Diego

e: bruce.timberlake@xxxxxxx
t: 877-718-3569 / x69369

Follow-Ups:
- Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
  - From: Zeffie

References:
- [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
  - From: Zeffie

Prev by Date: [cobalt-security] Email Duplicating
Next by Date: Re: [cobalt-security] RaQ 550 and bandwidth monitoring?
Previous by thread: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
Next by thread: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index