[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] QuickFIX:CGIWrap Update: Patched RaQ still has issues

Subject: Re: [cobalt-security] QuickFIX:CGIWrap Update: Patched RaQ still has issues
From: "Zeffie" <cobaltlist@xxxxxxxx>
Date: Fri, 30 Aug 2002 08:03:06 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> there are still Cross-Site-Scripting vulnerabilities 
> with latest patched CGI-Wrapper on the RaQs.
> Atackers can steal session cookies, 
> can display  fake information on victim browser.
> Quick FIX:(My RaQ3)
> telnet www.domain.jp 23

telnet?

> Cobalt Linux release 5.0 (Pacifica)
> Kernel 2.2.16C28_III on an i586

You haven't done the kernel update from Jan 7 2002

<snip>

Delete your files?  Is this a another scare sales thing?

Zeffie
http://www.zeffie.com/

Follow-Ups:
- Re: [cobalt-security] QuickFIX:CGIWrap Update: Patched RaQ still has issues
  - From: K-IM

References:
- [cobalt-security] QuickFIX:CGIWrap Update: Patched RaQ still has issues
  - From: K-IM

Prev by Date: [cobalt-security] CgiWrap SRPM
Next by Date: [cobalt-security] RaQ3 upgrade Qs
Previous by thread: [cobalt-security] CgiWrap SRPM
Next by thread: Re: [cobalt-security] QuickFIX:CGIWrap Update: Patched RaQ still has issues

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index