[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] QuickFIX:CGIWrap Update: Patched RaQ still has issues
- Subject: Re: [cobalt-security] QuickFIX:CGIWrap Update: Patched RaQ still has issues
- From: "Zeffie" <cobaltlist@xxxxxxxx>
- Date: Fri, 30 Aug 2002 08:03:06 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> there are still Cross-Site-Scripting vulnerabilities
> with latest patched CGI-Wrapper on the RaQs.
> Atackers can steal session cookies,
> can display fake information on victim browser.
> Quick FIX:(My RaQ3)
> telnet www.domain.jp 23
telnet?
> Cobalt Linux release 5.0 (Pacifica)
> Kernel 2.2.16C28_III on an i586
You haven't done the kernel update from Jan 7 2002
<snip>
Delete your files? Is this a another scare sales thing?
Zeffie
http://www.zeffie.com/