Bugtraq mailing list archives
Various resources
From: cklaus () shadow net (Christopher Klaus)
Date: Thu, 29 Sep 94 10:40:56 EDT
I have had quite a few requests for the Sun Mailing List and 8LGM
information.
to get the 8lgm's advisories, do the following:
echo send * | mail 8lgm-fileserver () bagpuss demon co uk
or mail that address with help in the body of the message for more
information.
For the Sun Mailing list, I have compiled a list of vendors and possible
resources from those vendors. Underneath Sun, it explains how to get
on their mailing list. There are mailing lists for HP, CERT, and CIAC
as well.
Archive-name: computer-security/vendor-contacts
Posting-frequency: monthly
Last-modified: 1994/06/22
Version: 1.7
"It [Vendor Security Contact FAQ] is the kind of thing that makes you look
good at work when your boss decides he's joe security and wants a patch (for
like rdist - duh!) yesterday..." -- Tim Scanlon, System Analyst
Vendor Security Contacts: Reporting Vulnerabilities
and Obtaining New Patches
The following FAQ is a list of security contacts to reach at various
vendors for reporting security vulnerabilities and obtaining new security
related patches.
With the rising number of people and hosts gaining access to the
Internet, the basic integrity of the Net needs to be maintained. Many of
security incidents that happen on Internet could have been avoided by
installing security patches that are available by vendors. It is important
to get the recent patches and ensure that your systems are configured
properly. With intruders and their underground network having quick access
to security vulnerabilities, it is important that administrators have
security information available and not rely on just One organization.
Here are the security contacts that information is available for:
A/UX, Cray Research, Dec, HP, IBM, Next, SCO, SGI, and Sun.
When reporting a new security bug, try to be as specific as
possible about how to reproduce it, which OS release (uname -a), and any
other release numbers of software that are involved.
A/UX
Contact information for A/UX as follows:
Send security related information to the following people:
Erik E. Fair fair () apple com
and CC: staff () apple com
antonio () aux support apple com (A/UX support person).
Cray Research
Contact information for Cray Research as follows:
Cray Research customers should first direct questions and concerns to on-site
support personnel (if provided by their service contract). Other contacts
should be made through the
Technical Service Center
Cray Research, Inc.
655F Lone Oak Drive
Eagan MN 55121
USA
tel. +1-612-683-5600
email. support () cray com
Dec
Contact information for Dec as follows:
Send security related information to the following person:
FIRST Contact: Rich Boren rich.boren () cxo mts dec com (719) 592-4689
Security patches are issued by Customer Support Centers.
HP
Contact information for HP as follows:
For security concerns, questions, or problems, you can contact:
security-alert () hp com
Obtaining Patches:
The HP SupportLine mail service is available to anyone who can send electronic
mail via the Internet.
If you have access to the Internet or can send electronic mail via an Internet
mail forwarder, you can use the HP SupportLine mail service.
********************************************************************************
* How do I access the HP SupportLine mail service? *
********************************************************************************
o To obtain a copy of the HP SupportLine mail service user's guide, send the
following in the TEXT PORTION OF THE MESSAGE to support () support mayfield hp com
(no Subject is required):
send guide
Note: The HP SupportLine mail service user's guide is formatted using nroff. If
you would like an ASCII version of the user's guide or if you are utilizing a
non-UNIX mail reader, replace "send guide" with "send guide.txt".
o Once your request is received, the HP SupportLine mail service will send you
a copy of the user's guide.
o If you encounter any problems using the HP SupportLine mail service, report
them to support-feedback () support mayfield hp com
********************************************************************************
* What mailing lists are available? *
********************************************************************************
The following is a list of all mailing lists available via the HP SupportLine
mail service:
mailing_list_name Description
----------------- -----------
hpux_all_patch weekly digest of all new hp-ux patches
hpux_300_patch weekly digest of all new hp-ux s300_400 patches
hpux_700_patch weekly digest of all new hp-ux s700 patches
hpux_800_patch weekly digest of all new hp-ux s800 patches
dom_all_patch weekly digest of all new domain patches
dom_m68k_patch weekly digest of all new domain m68k patches
dom_a88k_patch weekly digest of all new domain a88k patches
technical_tips weekly digest of new HP Technical Tips
existing_news monthly digest of new Existing Product News
general_news monthly digest of new HP General News
new_products monthly digest of new HP Product Information
security_info Latest digest of new HP Security Bulletins
security_info_list Index of available HP Security Bulletins
o To subscribe to an HP SupportLine mail service mailing list, send the
following in the TEXT PORTION OF THE MESSAGE to support () support mayfield hp com
(no Subject is required):
subscribe mailing_list_name (i.e. subscribe hpux_all_patch)
On a weekly or monthly basis, the HP SupportLine mail service will create and
distribute the requested mailing_list_name digest directly to your mailbox.
********************************************************************************
* How do i get a Patch from HP? *
********************************************************************************
If you know the name of the patch needed, Email to:
support () support mayfield hp com
with the body of the message stated as:
"send PHKL_9999"
The patch will automatically be mailed back to you with a mail unpacker
script (patch_maker).
If you just want the README for the patch, Email a message to:
support () support mayfield hp com
with the body of the message stated as:
"send doc PHKL_9999"
The patch README will be mailed back to you.
Response Center Customers: 1-800-633-3600
BasicLine Customers: 1-415-691-3888
Also try email to bkelley () cup hp com
Outside the U.S., contact your local Response Center.
IBM
Contact information for IBM as follows:
IBM support @ 1-800 237-5511
Email to services () austin ibm com
Send security related information to Nick Trio (nrt () watson ibm com,
a.k.a. postmaster () ibm com) Unix person on IBM's Computer Emergency Response
Team) and Alan Fedeli (fedeli () vnet ibm com).
There are some security patches on anonymous FTP software.watson.ibm.com
in pub/aix3 for AIX.
Security patches are issued through your IBM sales office.
Next
Contact information for Next as follows:
Technical Support at "ask_next () next com"
Phone number: 800.848.6398.
Address is 900 Chesapeake Drive; Redwood City, CA; 94063.
SCO
Contact information for The Santa Cruz Operation (SCO):
Send security related information to:
security-alert () sco com
Security patches are issued on an as-needed basis and will be available
at ftp.sco.com and its mirrors.
When submitting information about a security problem, please include
output of the following commands:
uname -X
swconfig
hwconfig -h (if hardware-related)
and as much detail about the problem as you can muster.
SGI
Contact information for SGI as follows:
Send security related information to:
security-alert () sgi com
If there is no response, try Dave Olson olson () anchor esd sgi com.
Support line 1-800-800-4SGI and ask what patches are available.
There are some security patches on anonymous FTP sgi.com in
directory sgi/IRIX4.0 (or 5.0 if the system is IRIX5).
Security patches are issued through your SGI sales office.
Sun
Contact information for Sun as follows:
email: security-alert () sun com
phone: 415-688-9081
Fax: 415-688-9101
postal:
Sun Security Coordinator
MS MPK2-04
2550 Garcia Avenue
Mountain View, CA 94043-1100
For reporting security vulnerabilities and problems, Sun strongly recommends
that you report problems to your local Answer Center and your representative
computer security response team, such as CERT. In some cases your local Answer
Center will accept a report of a security bug even if you do not have a support
contract. An additional notification to the security-alert alias is suggested
but should not be used as your primary vehicle for reporting a bug.
Sun Security Bulletins
Sun Security Bulletins are available free of charge as part of our Customer
Warning System. It is not necessary to have a Sun support contract in order
to receive them.
To subscribe to this bulletin series, send mail to the address
"security-alert () Sun COM" with the subject "subscribe CWS your-mail-address"
and a message body containing affiliation and contact information. To request
that your name be removed from the mailing list, send mail to the same
address with the subject "unsubscribe CWS your-mail-address". Do not include
other requests or reports in a subscription message.
Due to the volume of subscription requests Sun receives, Sun cannot guarantee
to acknowledge requests. Please contact the security office if you wish to
verify that your subscription request was received, or if you would like your
bulletin delivered via postal mail or fax.
Sun Security Bulletins are archived on ftp.uu.net (in the same directory as
the patches) and on SunSolve. Please try these sources first before
contacting the security office for old bulletins.
Other Resources
Firewalls Mailing List has useful information regarding firewalls and how to
implement them for security. Send the following line to
majordomo () greatcircle com: subscribe firewalls
The CERT (Computer Emergency Response Team) advisory mailing list. Send
e-mail to cert () cert org, and ask to be placed on their mailing list. Past
advisories and other information related to computer security are available
for anonymous FTP from cert.org (192.88.209.5).
The CIAC (Computer Incident Advisory Capability) of DoE. To report a
vulnerability, contact CIAC at 510-422-8193 (voice), 510-423-8002 (fax),
510-423-2604 (stu-iii), or ciac () llnl gov. Previous CIAC bulletins and other
information is available via anonymous ftp from irbis.llnl.gov (ip address
128.115.19.60).
CIAC has several self-subscribing mailing lists for electronic publications:
1. CIAC-BULLETIN for Advisories, highest priority - time critical information
and Bulletins, important computer security information;
2. CIAC-NOTES for Notes, a collection of computer security articles;
3. SPI-ANNOUNCE for official news about Security Profile Inspector (SPI)
software updates, new features, distribution and availability;
4. SPI-NOTES, for discussion of problems and solutions regarding the use of
SPI products.
CIAC mailing lists are managed by a public domain software package called
ListProcessor, which ignores E-mail header subject lines. To subscribe (add yourself) to one of our mailing
lists, send the following request as the E-mail message body, substituting CIAC-BULLETIN, CIAC-NOTES,
SPI-ANNOUNCE or
SPI-NOTES for "list-name" and valid information for "LastName" "FirstName" and "PhoneNumber" when sending
E-mail to ciac-listproc () llnl gov:
subscribe list-name LastName, FirstName PhoneNumber
e.g., subscribe ciac-notes O'Hara, Scarlett 404-555-1212 x36
You will receive an acknowledgment containing address, initial PIN, and
information on how to change either of them, cancel your subscription, or get
help.
Standard Form From CERT
Here is the form CERT provides for reporting new vulnerabilities found
in Unix platforms.
CERT Coordination Center
Product Vulnerability Reporting Form
Reporter Information
Reporter name :
Reporter e-mail :
Reporter phone / fax :
Reporter affiliation and address:
Reported to vendor: Y/N
Date of report :
Vendor contact name :
Vendor contact phone :
Vendor contact e-mail :
Vendor reference number :
===============================================================================
Policy Info
Reporter Considerations
Pass name to vendor? :
Use name in advisory? :
Special considerations (e.g. restrictions on dissemination):
===============================================================================
Technical Info
Vulnerability number (after assigned by CERT) :
Problem Description:
Impact:
Currently being exploited? : Y/N
Exploitation:
Systems and/or configurations vulnerable
System :
OS version :
Verified/Guessed:
Workarounds and/or fixes:
Problem Analysis:
Source code, logs, or other supporting technical info:
Acknowledgements
Thanks Dave Millar for helping provide a portion of the information.
Copyright
This paper is Copyright (c) 1994
by Christopher Klaus of Internet Security Systems, Inc.
Permission is hereby granted to give away free copies. You may
distribute, transfer, or spread this paper. You may not pretend that you
wrote it. This copyright notice must be maintained in any copy made.
Disclaimer
The information within this paper may change without notice. Use of
this information constitutes acceptance for use in an AS IS condition.
There are NO warranties with regard to this information. In no event shall
the author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
Address of Author
Please send suggestions, updates, and comments to:
Christopher Klaus <cklaus () shadow net>
of Internet Security Systems, Inc. <iss () shadow net>
--
Christopher William Klaus <cklaus () shadow net> <iss () shadow net>
Internet Security Systems, Inc. Computer Security Consulting
2209 Summit Place Drive, Penetration Analysis of Networks
Atlanta,GA 30350-2430. (404)518-0099. Fax: (404)518-0030
Current thread:
- Various resources Christopher Klaus (Sep 29)
- Re: Various resources Craig Metz (Sep 29)
- Re: Various resources Karl Strickland (Sep 29)
- kern_exec.c an134699 () anon penet fi (Sep 29)
- Re: kern_exec.c Karl Strickland (Sep 29)
- Re: kern_exec.c Len Rose (Sep 29)
- A request Mark Graff (Sep 29)
- A request Scott D. Yelich (Sep 30)
- Mail flags for using procmail instead of /bin/mail? James R. Ault (Sep 30)
- Re: Mail flags for using procmail instead of /bin/mail? Adam Shostack (Sep 30)
- Re: kern_exec.c John Hawkinson (Sep 29)
- Re: Various resources Craig Metz (Sep 29)