Once upon a time, Sonny <sonny@xxxxxxxxx> said:
You could tell the list, and then we could all try to keep our RaQ550's
secure.
Well, it is a combination of unrelated problems that cause a security
problem, and it isn't a likely combination (although it does affect us
in our setup).
I've notified Sun about the problems I've seen. Hopefully, they'll take
quick action; otherwise, off to BUGTRAQ I'll go (and I'll post here as
well). While there are easy workarounds for the problems, describing
the workarounds would pretty much give away the problems, and I don't
want to do that just yet (as not all RaQ550 owners read this list).
I will say that the problems require local access (and in most cases
site admin access) to even try to exploit.