Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Info on some security holes reported against SCO Unixware.

From: btellier () USA NET (Brock Tellier)
Date: Fri, 21 Jan 2000 11:27:07 CST

Aaron Sigel <aarons () SCO COM> wrote:

Greetings,

Recent Bugtraq posts have exposed security holes with a couple
packages distributed with SCO's Skunkware CD.  These packages
are:
        majordomo (wrapper, resend)
        orion (pis, mkpis)

These issues are security holes in the distributed versions of these
packages, and are not SCO security holes.


No, I was doing a UnixWare audit, which, as far as I know, does not include
the Skunkware CD.  Even if it does, I'm sure I didn't install it on top of the
normal UW CD install.  If these applications are from the Skunkware distro and
were merely included on the UW installation CD's, the user is never notified
that they are installing "unsupported", possibly insecure software.  From an
end-user perspective, it doesn't make any difference that these programs are
insecure but not written by SCO.

Brock Tellier
UNIX Systems Administrator
Chicago, IL, USA
btellier () usa net

____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1
Previous By Date Next
Previous By Thread Next

Current thread: