Hello Sun-Managers,
My original question concerned the output from cops:-
> Among the report messages were the following:-
>> Warning! /usr/ucb/rdist could have a hole/bug! (CA-91:20)
>> Warning! /sys/sun4c/OBJ/cons.o could have a hole/bug! (CA-90:12)
>> Warning! /bin/sunview1/selection_svc could have a hole/bug! (CA-91:10a)
>> Warning! /bin/mail could have a hole/bug! (CA-91:01a)
>> Warning! /usr/etc/in.telnetd could have a hole/bug! (CA-91:02a)
>> Warning! /usr/etc/rpc.mountd could have a hole/bug! (CA-91:09)
>> Warning! /sys/sun4c/OBJ/crt.o could have a hole/bug! (CA-91:16)
> Could someone please tell me what is a hole/bug what it can do and how I
> can remedy the situation.
Thanks to all those who replied. Most passed on that the CA-?? references
are to CERT advisory numbers, the alerts for which are obtainable from
ftp://info.cert.org/pub/cert_advisories
Patches can then be gained from sunsites like sunsite.unc.edu
Most warned that the holes enabled root access to the system.
Peter Allan gave the following advice:-
Your action on this could be to chase madly after all the latest patches
and OS versions. A more balanced approach would be to disable all the affected
features THAT YOU DON'T WANT, while patching those you do.
Thanks again to:-
tkevans@eplrx7.es.dupont.com
kopacik@alpha.dcs.fmph.uniba.sk
leif@infoseek.com
ca@informatik.uni-kiel.de
rackow@mcs.anl.gov
peter.allan@aea.orgn.uk
will@rossby.mit.edu
mulara88@matrix.newpaltz.edu
adamfox@super.org
regards,
michael
--------------------------------------------------------------------------------
Michael Tong Lee
Elizabeth College _--_|\
256 Elizabeth Street / \
HOBART, Tas 7001 \_.--._/
v
ph 002 35 6520 TASnet: Eliz_Mike@ecc.tased.edu.au
fax 002 31 2242 Internet: mtonglee@elizipc.eliz.tased.edu.au
--------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:09:07 CDT