
[cobalt-users] new vulnerabilities



Hi all,

It's been a while since I posted, but I've been reading the list. Due to other commitments I haven't really been keeping an eye on new vulnerabilities as much as I should have.

I have tried the archives and Google, but I'm not sure if what we have now is strictly a standard raq4 setup. (SHP installed)

Bind:
I noticed this bind problem. I updated bind manually, but we were one of the takers for the SHP (Security Hardening Package), which I believe took it down to 8.2.3, but it is protected with stackguard. Is this a problem? Do I need to, and can I, upgrade bind without breaking anything?

Apache:
I also noticed the following problems with Apache that are solved in 1.3.27. (we are using 1.3.26)
- Error page XSS using wildcard DNS CAN-2002-0840
- Shared memory permissions lead to local privilege escalation CAN-2002-0839
- Buffer overflows in ab utility CAN-2002-0843

SSH:
http://www.openssh.com/txt/preauth.adv - PAMAuthenticationViaKbdInt & UsePrivilegeSeparation. All versions up to 3.3 are vulnerable; is this something we need to worry about? It states in the guide to disable these values. Is this achieved by changing the value for each one to 'no' and uncommenting the line in the config? If so, do I need to restart OpenSSH?

----------------------

Sorry to be a pain and mention this on a Friday, but I'm a little confused as to where we all stand. Some of us have the SHP installed, some of us don't, some of us seem to be updating things manually based on information kindly provided by the list users, some of us aren't.

Thanks for all help, comments and suggestions
MJM






