
Re: [cobalt-users] Re: is this what we've been discussing - CERT Advisory CA-2002-27 Apache/mod_ssl Worm



on 9/15/02 12:47 PM, Chris Adams stated:

> It will also not affect the most important thing: the Apache web
> server's SSL support (which is what the worm targets), because that is
> also compiled statically against OpenSSL.
> 
> Sun needs to release a security fix for this for all RaQs.  RaQ3s and up
> come with SSL, and we bought an SSL add-on from Cobalt for our RaQ1s and
> RaQ2s (of which we still have a few in service).
> 
> Since the admin server runs as root and has SSL support on the RaQ3 and
> up, this is a serious security threat (if someone wrote a worm that
> targeted the admin server port they could get full root access to every
> RaQ3 and up).

Problem is, Chris, and I see your point that what I was attempting may not be
the fix, waiting for Sun/Cobalt could take a while. Remember the Apache
issue? Or about 4 others that they said updates would be out for in the next
week (SHP) and we are still waiting. I think we (the community) are going to
have to start relying on ourselves to fix the exploits starting to appear.
Starting to sound like open source talk to me :). Many of us are running
production boxes with no choice but to keep the boxes up and running and
cross our fingers.

Not trying to start a flame thread, just being realistic about having
Sun/Cobalt meet our needs in a manner that covers our butts and our PAYING
clients that expect US to be the experts.
-- 
Thanks!!
Dave Thurman
The Web Presence Group / www.webpresencegroup.net
Listonly <at> webpresencegroup.net / Spam Block 8^Q