[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] New Sendmail vulnerability :o(

Subject: Re: [cobalt-security] New Sendmail vulnerability :o(
From: "Robbert Hamburg \(HaVa Web- & Procesdesign\)" <user@xxxxxxx>
Date: Sun, 30 Mar 2003 12:44:57 +0200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

just install the sol2 again (twice) and it worked for me

----- Original Message ----- 
From: "Barbara" <thebizworkers@xxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Sunday, March 30, 2003 11:13 AM
Subject: [cobalt-security] New Sendmail vulnerability :o(


> Hey Michael,
> 
> Just a quick follow-up to my last post to give you
> some feedback.. It looks like (as best as I can tell)
> I'm still running the Solarspeed previously patched
> version of sendmail -hence the RPM showing up as:
> 
> sendmail-8.10.2-C1sol1
> 
> I'm thinking the latest patch (sol2) tried to grab and
> roll-back to the Cobalt RPM's (for some reason), but
> it wasn't able to get to the Cobalt FTP server because
> of my firewall -so it left the sol1 version in place..
> I'm still not sure/clear why it would try and do so,
> but apparently it tried (hence the message I recv'd
> while trying to upgrade to sol2)..  I don't have
> mailscanner or really anything else installed on the
> RaQ4 - except neomail and webalizer (from pkgmaster),
> as well as your BIND/Qpopper and Sendmail patches..
> The only other pkgs installed have been official
> Cobalt pkg's. I was looking over the scripts in the
> sol2 pkg - and I don't have the Cobalt patch 16402
> installed (heck I can't even find it on Cobalt's site
> -did they pull it..?) 
> 
> Just giving some feed-back on my setup/experience..
> I'm trying to see where/why the script failed and
> tried to fall back to Cobalt's RPM's -when it was
> already running sendmail-8.10.2-C1sol1...?  I'm
> -thinking- (that's always dangerous) that I probably
> could just try and reinstall the pkg again and it
> might go in now since the sendmail-8.10.2-C1sol1
> uninstaller and md5 scripts/files have been removed..
> But I'll hold off until tomorrow to play with it a bit
> more.. It's late and I'm tired and don't want to be
> pulling an all nighter (just in case)...  :-)
> 
> Thanks again..!
> 
> Barbara
> 
> 
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
> http://platinum.yahoo.com
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
> 
> -- 
> This message has been scanned for viruses and
> dangerous content by HaVa.nl MailScanner, and is
> believed to be clean.
> 
> 

-- 
This message has been scanned for viruses and
dangerous content by HaVa.nl MailScanner, and is
believed to be clean.

References:
- [cobalt-security] New Sendmail vulnerability :o(
  - From: Barbara

Prev by Date: [cobalt-security] New Sendmail vulnerability :o(
Next by Date: Re: [cobalt-security] New Sendmail vulnerability :o(
Previous by thread: [cobalt-security] New Sendmail vulnerability :o(
Next by thread: Re: [cobalt-security] New Sendmail vulnerability :o(

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index