RE: [cobalt-security] FW: Cobalt RaQ4 Remote root exploit

["Goade, Matthew" <mgoade@xxxxxxxxxxxxxxx>]

Do you need imap? You could try blocking access to port 81 except from trusted hosts...
I do not know if it can exploit other ports. I only have 1 raq and I patched it already.

-----Original Message-----
From: njd 76 [mailto:njd76@xxxxxxxxxxx]
Sent: Thursday, December 05, 2002 5:40 PM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-security] FW: Cobalt RaQ4 Remote root exploit


i was scared you would say that... jeez...

Well i have a RAQ4 with the SHP installed, since Sun isnt going to answer 
me... anyone else want to tell me what to do. I am scared to use the 
uninstall because some are saying it takes out the imap update.

Any suggestions on what people like me should do?




>From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
>Reply-To: cobalt-security@xxxxxxxxxxxxxxx
>To: cobalt-security@xxxxxxxxxxxxxxx
>Subject: Re: [cobalt-security] FW: Cobalt RaQ4 Remote root exploit
>Date: Fri, 6 Dec 2002 00:34:28 +0100
>
> > just to clear this up. when executing this program do you have to be on 
>the
> > RAQ server or can it be done on any client machine?
>
>It is a *remote* root exploit. So anyone can run it from anywhere.
>
>--
>
>With best regards,
>
>Michael Stauber
>mstauber@xxxxxxxxxxxxxx
>Unix/Linux Support Engineer
>
>_______________________________________________
>cobalt-security mailing list
>cobalt-security@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-security


_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online 
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963

_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security