Hi,
When/how do Sun advise us of this, and other security vulnerabilities? I was expecting a mail on the cobalt-announce list or here, but haven't seen anything. Cheers, Menno 14/02/2002 15:14:08, Matt Barton <[EMAIL PROTECTED]> wrote: >On Thu, 14 Feb 2002, dean browett wrote: > >> When can I expect to be able to get a pkg for the recent snmp >> vulnerability disclosure or can someone point me in the direction of >> another source? > >I executed "/usr/sbin/snmpd -V" on my RaQ 4 and got the following. > >cmu-snmp for Linux v3.7; Jul 1999 >http://www.gaertner.de/snmp/ -- The Linux CMU SNMP Project >(compiled without IPX support) > >The CERT advisory that was released on Tuesday did not mention the CMU >SNMP Project in the vendor list. So I went to the URL above and it said >that the CMU SNMP Project has been discontinued. It recommends switching >to NET-SNMP (aka UCD-SNMP). > >I think that if Cobalt is going to patch the service we'll end up getting >a completely different SNMP agent, which is likely to push the release >date of the package. > >I was using MRTG, which uses SNMP, to monitor bandwidth usage on the two >Cobalt's we have, but I have turned off SNMP after read the advisory, >which is what I recommend we all do until Cobalt advises us. > >-- > >Matt Barton >Webexcellence >[EMAIL PROTECTED] >Phone: 317.423.3548 x22 >Fax: 317.423.8735 >www.webexc.com > >_______________________________________________ >cobalt-security mailing list >[EMAIL PROTECTED] >http://list.cobalt.com/mailman/listinfo/cobalt-security > > _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
