[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Security advisory

Subject: [cobalt-users] Security advisory
From: jon@xxxxxxxxxxxxxxxxxxxxxxx
Date: Thu Aug 3 10:32:18 2000

The Raq3 uses Kernel version 2.2.14...anyone know if Cobalt is
planning on upgrading the kernel to 2.2.16 or newer?


http://www.sendmail.org/sendmail.8.10.1.LINUX-SECURITY.txt

SENDMAIL SECURITY TEAM ADVISORY

	Sendmail Workaround for Linux Capabilities Bug

The Sendmail Consortium and Sendmail, Inc. has been informed
of a
serious problem in the Linux kernel that can be used to get root
access.  This is not a sendmail security problem, although sendmail
is one of the vectors for this attack.

PROBLEM

	There is a bug in the Linux kernel capability model for versions
	through 2.2.15 that allows local users to get root.  Sendmail
is
	one of the programs that can be attacked this way.  This problem
	may occur in other capabilities-based kernels.

SOLUTION

	The correct fix is to update your Linux kernel to version
	2.2.16.  This is the only way to ensure that other programs
	running on Linux cannot be attacked by this bug.


-----
Sent using MailStart.com ( http://MailStart.Com/welcome.html )
The FREE way to access your mailbox via any web browser, anywhere!

Follow-Ups:
- Re: [cobalt-users] Security advisory
  - From: Jeff Lovell

Prev by Date: Re: [cobalt-users] CGI Programming - File Uploads
Next by Date: Re: [cobalt-users] CGIIIIIIII!!!!
Previous by thread: RE: [cobalt-users] MX records
Next by thread: Re: [cobalt-users] Security advisory

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index