[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] CA-2002-35 - Vulnerability in RaQ Server Appliances

Subject: Re: [cobalt-security] CA-2002-35 - Vulnerability in RaQ Server Appliances
From: Charles Smith <charles.smith@xxxxxxx>
Date: Tue, 17 Dec 2002 11:07:29 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hello Ian,

I wanted to let you know there was no RaQ 3 SHP product developed ordistributed by Sun-Cobalt. What appears to be occuring is those who arereporting issues have apparently replaced the RaQ 3 build with the RaQ 4build and have loaded the RaQ 4 SHP product onto this build.


Regards,

Charles

--
Charles Smith, CISSP, CCSE
Sun Linux Security Engineering Group
Sun Microsystems
Tel: 614-273-3255 (x57055)
Fax: 614-273-3291


Ian Finlay wrote:

Hello Folks,

My name is Ian Finlay. I work for the vulnerability handling team at
the CERT/CC (https://www.cert.org/). I am the author of CA-2002-35.

Based on feedback from folks in the Internet community, as well as
recent confirmation from Sun, we have come to the conclusion that RaQ
3 Server Appliances with SHP installed are vulnerable as well.

I've updated our Vulnerability Note
(http://www.kb.cert.org/vuls/id/810921) as well as the CERT/CC
Advisory (https://www.cert.org/advisories/CA-2002-35.html) to reflect
this new information.

Regards,
Ian

Ian Finlay

Internet Systems Security Analyst - CERT/CC OperationsNetworked Systems Survivability Program

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
CERT (R) Coordination Center             Email: cert@xxxxxxxx
Software Engineering Institute           WWW: http://www.cert.org
Carnegie Mellon University               Hotline: +1-412-268-7090
Pittsburgh, PA  USA  15213-3890          FAX: +1-412-268-6989
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security

This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy.

References:
- [cobalt-security] CA-2002-35 - Vulnerability in RaQ Server Appliances
  - From: Ian Finlay

Prev by Date: Re: [cobalt-security] CA-2002-35 - Vulnerability in RaQ Server Appliances
Next by Date: [cobalt-security] Old Issue? CA-2001-02
Previous by thread: [cobalt-security] CA-2002-35 - Vulnerability in RaQ Server Appliances
Next by thread: Re: [cobalt-security] CA-2002-35 - Vulnerability in RaQ Server Appliances

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index