[cobalt-developers] security
- Subject: [cobalt-developers] security
- From: Ilmars Knipshis <ilmars@xxxxxxxxxxxx>
- Date: Wed Mar 13 18:27:06 2002
- Organization: Hermitage Technologies
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
Hello cobalt-developers,
Is that solved?
"Cobalt's RAQ 4 server has three remote vulnerabilities. The service.cgi script has a cross site
scripting vulnerability because it incorrectly parses the incoming searches and includes HTML
tags and Javascript in the result. A directory traversal vulnerability allows attackers to read
restricted files or passwords and profiles the users. In addition, a very long URL string will
crash the service." http://packetstorm.mirror.widexs.nl/filedesc/Colbalt-RAQ-v4.txt.html
And zlib? http://www.theregister.co.uk/content/5/24387.html
--
Regards,
Ilmars Knipshis
Hermitage Solutions
+371 7325553
+371 7214458
mailto:ilmars@xxxxxxxxxxxx