[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Raq 550 Remote Exploits?

Subject: Re: [cobalt-security] Raq 550 Remote Exploits?
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Wed, 28 Jan 2004 11:09:22 +0100
Organization: SOLARSPEED.NET
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Anders,

> Considering that the exploit and the patch was known back in december,
> I wouldn't be too sure about the "soon" part of the kernel patch.

As you say: These vulnerabilities have been around since December. The C10 
Kernel was built in August and relesed in September. So we might be lucky and 
get a new Kernel within the next 1-2 months.

> It's not impossible to patch the "dobrk" and "mremap" functions yourself,
> though. "Just" requires to rebuild the kernel from the latest SRPM. (C10)

Yeah, that's always an option. However, I'm not sure if I want to press that 
"I feel lucky" button - at least not in the form of making custom kernels 
available for download. Support wise that kind of explicitly unsupported 
custom PKG could become quite support intensive.

-- 

With best regards,

Michael Stauber

References:
- Re: [cobalt-security] Raq 550 Remote Exploits?
  - From: Anders

Prev by Date: [cobalt-security] Allowing dynamic range through firewall
Next by Date: RE: [cobalt-security] Allowing dynamic range through firewall
Previous by thread: Re: [cobalt-security] Raq 550 Remote Exploits?
Next by thread: Re: [cobalt-security] Raq 550 Remote Exploits?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index