On Wed, 9 Jan 2002 16:09:43 +0000
Nick Drage <[EMAIL PROTECTED]> wrote:
> Excuse me emailing the list with this, but I've just received bounced
> email from [EMAIL PROTECTED] and [EMAIL PROTECTED] :)
I have a feeling that that this is not just email problem but the
problem of security for Cobalt products at large :-(
Here is my list of outstanding security problems that are not
addressed by any published patches:
Kernel:
ptrace (Local, root access)
[patch for RaQ3 and Qube3 exist but not for other products]
syncookie (Remote, ? not sure how severe)
symlink (Local, DoS)
Glibc:
glob() (Remote, potential DoS)
Apps:
UW imapd (Remote, root access? not sure)
Correct me if I am wrong...
Eugene
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
