[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] New Sendmail vulnerability :o(
- Subject: Re: [cobalt-security] New Sendmail vulnerability :o(
- From: "Robbert Hamburg \(HaVa Web- & Procesdesign\)" <user@xxxxxxx>
- Date: Sun, 30 Mar 2003 12:44:57 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
just install the sol2 again (twice) and it worked for me
----- Original Message -----
From: "Barbara" <thebizworkers@xxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Sunday, March 30, 2003 11:13 AM
Subject: [cobalt-security] New Sendmail vulnerability :o(
> Hey Michael,
>
> Just a quick follow-up to my last post to give you
> some feedback.. It looks like (as best as I can tell)
> I'm still running the Solarspeed previously patched
> version of sendmail -hence the RPM showing up as:
>
> sendmail-8.10.2-C1sol1
>
> I'm thinking the latest patch (sol2) tried to grab and
> roll-back to the Cobalt RPM's (for some reason), but
> it wasn't able to get to the Cobalt FTP server because
> of my firewall -so it left the sol1 version in place..
> I'm still not sure/clear why it would try and do so,
> but apparently it tried (hence the message I recv'd
> while trying to upgrade to sol2).. I don't have
> mailscanner or really anything else installed on the
> RaQ4 - except neomail and webalizer (from pkgmaster),
> as well as your BIND/Qpopper and Sendmail patches..
> The only other pkgs installed have been official
> Cobalt pkg's. I was looking over the scripts in the
> sol2 pkg - and I don't have the Cobalt patch 16402
> installed (heck I can't even find it on Cobalt's site
> -did they pull it..?)
>
> Just giving some feed-back on my setup/experience..
> I'm trying to see where/why the script failed and
> tried to fall back to Cobalt's RPM's -when it was
> already running sendmail-8.10.2-C1sol1...? I'm
> -thinking- (that's always dangerous) that I probably
> could just try and reinstall the pkg again and it
> might go in now since the sendmail-8.10.2-C1sol1
> uninstaller and md5 scripts/files have been removed..
> But I'll hold off until tomorrow to play with it a bit
> more.. It's late and I'm tired and don't want to be
> pulling an all nighter (just in case)... :-)
>
> Thanks again..!
>
> Barbara
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Platinum - Watch CBS' NCAA March Madness, live on your desktop!
> http://platinum.yahoo.com
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>
> --
> This message has been scanned for viruses and
> dangerous content by HaVa.nl MailScanner, and is
> believed to be clean.
>
>
--
This message has been scanned for viruses and
dangerous content by HaVa.nl MailScanner, and is
believed to be clean.