Bugtraq mailing list archives
Re: Checking for most recent Solaris Security Patches
From: linux () AIIND UPV ES (Linux Mailing Lists)
Date: Wed, 13 Jan 1999 21:26:51 +0100
Hello,
Or use the automated email patch status robot at pogostick.net. See http://pogostick.net/~pdiag/english.html (or http://pogostick.net/~pdiag/ if you want it in norwegian) for more info.
Doesn't sound very good to send the configuration of your machine over the
internet by email. What if someone gets it and use that information to
know the vulnerabilities of your server? Using your service he would know:
* Which Software you have installed in your server
* Which patches you have applied (and what's more interesting, which
patches you *haven't* applied)
* The OS version, platform, etc...
* Your server's name
Mmmmmmm... Just the information someone would need to hack your system :)
What about making public the program you use, to run it locally?
(showrev -p ; pkginfo -l)|yourniceprog
Greetings,
Sergio
PS: Who knows who is really receiving your information at
pdiag () pogostick net ;)
Current thread:
- Wiping out setuid programs, (continued)
- Wiping out setuid programs D. J. Bernstein (Jan 05)
- Re: Wiping out setuid programs Darren Reed (Jan 06)
- Re: Wiping out setuid programs Illuminatus Primus (Jan 06)
- Re: Wiping out setuid programs Thamer Al-Herbish (Jan 06)
- Checking for most recent Solaris Security Patches spamhater () GRYMOIRE COM (Jan 06)
- Re: Checking for most recent Solaris Security Patches Ronan Waide (Jan 07)
- NFR Version 2.0.2 Research Now Available Deborah A. Greenberg (Jan 07)
- Re: Checking for most recent Solaris Security Patches Paul Brunk (Jan 08)
- Re: Checking for most recent Solaris Security Patches John D Groenveld (Jan 08)
- Re: Checking for most recent Solaris Security Patches Jon Ross (Jan 12)
- Re: Checking for most recent Solaris Security Patches Linux Mailing Lists (Jan 13)
- Re: Checking for most recent Solaris Security Patches Jon Ross (Jan 15)
- Lotus Notes SMTP Server bug Siva Sankar Adiraju (Jan 15)
- Re: Checking for most recent Solaris Security Patches //Stany (Jan 15)
- Wiping out setuid programs D. J. Bernstein (Jan 05)
- Re: Anonymous Qmail Denial of Service Perry E. Metzger (Jan 08)
- White Paper Annoucement NSS FIST (Jan 09)
- Re: Anonymous Qmail Denial of Service Snob Art Genre (Jan 10)
- Buffer overflow in www.boutell.com cgic library Jon Ribbens (Jan 10)
- Sekure SDI Advisory: mSQL Remote Bug (fwd) Sekure SDI SSC (Jan 10)
- nmap udp scan kills Neware (ex-HDS) X-terminals. Andrew V. Kovalev (Jan 11)
- Re: nmap udp scan kills Neware (ex-HDS) X-terminals. Adam Shostack (Jan 12)