[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Fw: LiveSecurity | Information Alert: Flaw in Common Unix Library

Subject: [cobalt-users] Fw: LiveSecurity | Information Alert: Flaw in Common Unix Library
From: "Andy Clyde, oxfordmusic.net" <andy.clyde@xxxxxxxxxxxxxxx>
Date: Fri Mar 21 02:02:00 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

>
> SUMMARY:
>
> In an advisory posted yesterday, CERT described a buffer overflow
> type of vulnerability in Sun's XDR library, which is used in many
> Unix/Linux distributions and applications. Because the vulnerable
> library is used in so many places, a hacker could exploit the flaw
> in many ways. For instance a hacker could cause a Denial of Service,
> gain sensitive information from your systems, or even execute code
> on your machine.

is there a patch released for this? anyoe got any tips on blocking this
vulnerability?
it seems that my RaQ4 has theis library installed:
/usr/doc/python-docs-1.5.2/Doc/libxdrlib.tex
/usr/include/linux/lockd/xdr.h
/usr/include/linux/nfsd/xdr.h
/usr/include/linux/nfsd/xdr3.h
/usr/include/linux/sunrpc/xdr.h
/usr/include/rpc/xdr.h
/usr/lib/perl5/5.00503/i386-linux/rpc/xdr.ph
/usr/lib/python1.5/xdrlib.py
/usr/lib/python1.5/xdrlib.pyc
/usr/lib/python1.5/xdrlib.pyo
/usr/local/src/bind-8.3.3/src/port/ultrix/include/rpc/xdr.h
/usr/man/man3/xdr.3
/usr/i386-glibc20-linux/include/linux/lockd/xdr.h
/usr/i386-glibc20-linux/include/linux/nfsd/xdr.h
/usr/i386-glibc20-linux/include/linux/nfsd/xdr3.h
/usr/i386-glibc20-linux/include/linux/sunrpc/xdr.h
/usr/i386-glibc20-linux/include/rpc/xdr.h

andy

Prev by Date: Re: [cobalt-users] Database on RaQ4r
Next by Date: [cobalt-users] users email problem
Previous by thread: Re: [cobalt-users] BRT-chkrootkit-RaQ34-0.39a-04
Next by thread: [cobalt-users] users email problem

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index