[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Cobalt Security Advisory - 07.24.2000 - Qpopper

Subject: Re: [cobalt-users] Cobalt Security Advisory - 07.24.2000 - Qpopper
From: "Frank Cubillos" <cubillos@xxxxxxxxxxxxxxxxxx>
Date: Mon Jul 24 19:40:45 2000
Organization: eDirect America

Has anyone installed it on the RaQ3i yet? I have downloaded it but want to
hear feedback before I put it on our production server.
TIA
Frank

> --------------------------------------------------
> SNIP>
> --------------------------------------------------
> Qpopper 2.53 and older may permit an attacker who has
> access to a valid account to obtain a shell with group-id
> 'mail', potentially allowing read/write access to all mail.
> The Cobalt Qube2 was updated in with the latest
> version of qpopper as of OS Update 3.0.  If you
> have not installed that update yet, it is recommended
> you do so as soon as possible.  It can be found
> at:
> ftp://ftp.cobalt.com/pub/packages/qube2/eng/Qube2-Update-OS-2.0.pkg
> --------------------------------------------------
> Location:
>
> RaQ3
>
ftp://ftp.cobaltnet.com/pub/experimental/security/qpopper/RaQ3-Qpopper-3.0.2
.pkg
> RaQ2
>
ftp://ftp.cobaltnet.com/pub/experimental/security/qpopper/RaQ2-Qpopper-3.0.2
.pkg
> RaQ1
>
ftp://ftp.cobaltnet.com/pub/experimental/security/qpopper/RaQ1-Qpopper-3.0.2
.pkg
> Qube1
>
ftp://ftp.cobaltnet.com/pub/experimental/security/qpopper/Qube1-Qpopper-3.0.
2.pkg

References:
- [cobalt-users] Cobalt Security Advisory - 07.24.2000 - Qpopper
  - From: Jeff Lovell

Prev by Date: Re: [cobalt-users] (mail server name) Any other way to do this?
Next by Date: Re: [cobalt-users] remote backups?
Previous by thread: [cobalt-users] Cobalt Security Advisory - 07.24.2000 - Qpopper
Next by thread: [cobalt-users] .pkg archive?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index