[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Re: Cobalt/Sun security contact?

Subject: Re: [cobalt-security] Re: Cobalt/Sun security contact?
From: Mark Carey <mark.carey@xxxxxxx>
Date: Fri, 16 May 2003 14:43:56 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hello Chris,

I am Mark Carey, and I work in the Sun Linux Security Group. We arealways interested in hearing about potential issues. If you coulde-mail the issues to shaun.white <at> sun.com (SPAM prevention), we willbe happy to take a look at them and create patches.


   Thank you very much,
   Mark Carey.


Chris Adams wrote:

Once upon a time, Sonny <sonny@xxxxxxxxx> said:

You could tell the list, and then we could all try to keep our RaQ550'ssecure.


Well, it is a combination of unrelated problems that cause a security
problem, and it isn't a likely combination (although it does affect us
in our setup).

I've notified Sun about the problems I've seen.  Hopefully, they'll take
quick action; otherwise, off to BUGTRAQ I'll go (and I'll post here as
well).  While there are easy workarounds for the problems, describing
the workarounds would pretty much give away the problems, and I don't
want to do that just yet (as not all RaQ550 owners read this list).

I will say that the problems require local access (and in most cases
site admin access) to even try to exploit.

References:
- [cobalt-security] Cobalt/Sun security contact?
  - From: Chris Adams
- Re: [cobalt-security] Cobalt/Sun security contact?
  - From: Sonny
- [cobalt-security] Re: Cobalt/Sun security contact?
  - From: Chris Adams

Prev by Date: Re: [cobalt-security] XTR Update 16343 kills ASP Service
Next by Date: [cobalt-security] DNS: Raq3 to Raq2
Previous by thread: [cobalt-security] Re: Cobalt/Sun security contact?
Next by thread: Re: [cobalt-security] Cobalt/Sun security contact?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index