Date: Fri, 31 Mar 2000 16:46:16 -0800
From: Jeff Lovell jlovell@COBALT.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: [ Cobalt ] Security Advisory — 03.31.2000
Cobalt Networks — Security Advisory — 03.31.2000
Problem: RaQ2 and RaQ3 allow remote users to view the contents
of an .htaccess file contained within a public website.
Relevant products and architectures Product Architecture Vulnerable Qube1 MIPS No Qube2 MIPS No RaQ1 MIPS No RaQ2 MIPS Yes RaQ3 x86 Yes
If your system is at risk you can you can downloaded the relevant
package and install it. These are beta versions of the packages,
Cobalt is currently testing these packages.
RaQ 2 –
ftp://ftp.cobaltnet.com/pub/experimental/security/apache/RaQ2-All-Security-Point-2.97.pkg
RaQ 3 –
ftp://ftp.cobaltnet.com/pub/experimental/security/apache/RaQ3-All-Security-Point-2.4.pkg
If you experience any problems with these packages please email
jlovell@cobalt.com or
security@cobalt.com.
—
Jeff Lovell
Software Engineer
Cobalt Networks, Inc.