Home page logo
/

bugtraq logo Bugtraq mailing list archives

[ Cobalt ] Security Advisory -- 03.31.2000
From: jlovell () COBALT COM (Jeff Lovell)
Date: Fri, 31 Mar 2000 16:46:16 -0800


Cobalt Networks -- Security Advisory -- 03.31.2000

Problem:
RaQ2 and RaQ3 allow remote users to view the contents of
an .htaccess file contained within a public website.

Relevant products and architectures
Product         Architecture            Vulnerable
Qube1           MIPS                    No
Qube2           MIPS                    No
RaQ1            MIPS                    No
RaQ2            MIPS                    Yes
RaQ3            x86                     Yes

If your system is at risk you can you can downloaded the relevant
package and install it.  These are beta versions of the packages, Cobalt
is currently testing these packages.

RaQ 2 -
ftp://ftp.cobaltnet.com/pub/experimental/security/apache/RaQ2-All-Security-Point-2.97.pkg

RaQ 3 -
ftp://ftp.cobaltnet.com/pub/experimental/security/apache/RaQ3-All-Security-Point-2.4.pkg

If you experience any problems with these packages please email
jlovell () cobalt com or security () cobalt com 


--
Jeff Lovell
Software Engineer
Cobalt Networks, Inc.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]