Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Digital Unix/SCO/AIX & CERT Advisory CA-2000-13

From: nick.boyce () EDS COM (Boyce, Nick)
Date: Fri, 14 Jul 2000 14:43:51 +0100

[ In case any other Digital Unix system admins out there are wondering ... ]

The CERT Advisory on the FTP Daemon "SITE EXEC" and "SetProcTitle" bugs
omitted any comment from Compaq about the vulnerability of Digital Unix's
FTP server (not to mention Ultrix ...)

I logged a call on Tuesday with Compaq to try to get an answer, and all they
have said so far is :

(a) The following comment was sent to CERT, but "missed the post"

        COMPAQ COMPUTER CORPORATION
        ------------------------------

        At the time of writing this document, this reported problem is
        currently still under evaluation by engineering to determine the
        requirement of a solution if necessary. COMPAQ will
        provide an update to this advisory accordingly.

(b) "We are trying to determine what, if any, impact this may have on Tru64
Unix and TCP/IP for OpenVMS."

BTW: Does anyone know what the IBM AIX / SCO OpenServer / SCO Unixware
position is re these bugs ?

Nick
Systems Team, EDS Healthcare, Bristol, UK
Previous By Date Next
Previous By Thread Next

Current thread: