[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
- Subject: RE: [cobalt-security] Security Hardening Update 2.0.1 MAJOR FLAW!!!!!! ACTION REQUIRED!
- From: "Jamie - i-Dot" <jamie@xxxxxxxxx>
- Date: Fri, 16 Aug 2002 00:07:19 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Like the man says, just disable logging/emails
I am sure it will just be a remotely exploitable filelimit / email ddos,
Each scan will result in an admin email, do enough scans form enough
simulated host in such a short period, and the box will die due to
number of concurrent open emails / drain on resources sending them..
I could be wrong tho.. :)
-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx] On Behalf Of Gerald Waugh
Sent: 16 August 2002 00:00
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-security] Security Hardening Update 2.0.1 MAJOR
FLAW!!!!!! ACTION REQUIRED!
On Thursday 15 August 2002 06:15 pm, Paul Jacobs wrote:
>
> I know he KNOWS linux... I asked a simple question gerald... why are
> you getting so bent out of shape??? All other "patches" from sun
> cobalt have an install/un-install script why does this one not have
> one?
>
There are some pkgs that are irrevocable, there are some people on this
list that also put out some irrevocable patches. "solarspeed" or
something like that.
You want to get rid of those pkgs, you do a restore,
I think that those pkgs should have a warning from the surgeon
general!!!
--
Gerald Waugh
http://frontstreetnetworks.com SOHO Networks & Web Site Hosting
Front Street Networks LLC voice +1 203 785 0699 * fax +1 203 785
1787
229 Front Street, Ste. #C, New Haven CT 06513-3203
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security