Cobalt RaQ2 cgiwrap Vulnerability

Solution:
Cobalt has released patches to adress this problem. The patches are available from the following locations:

Cobalt Networks is dedicated to providing secure platforms.
Accordingly, we have just completed a fix for this bug that is available
in RPM format, which can be found at the following locations:

RaQ 3i (x86)
RPM:
ftp://ftp.cobaltnet.com/pub/experimental/secuirty/rpms/cgiwrap-pacifica-3.6.4.C5.i386.rpm
SRPM:
ftp://ftp.cobaltnet.com/pub/experimental/secuirty/srpms/cgiwrap-pacifica-3.6.4.C5.src.rpm

RaQ 2 (MIPS)
RPM:
ftp://ftp.cobaltnet.com/pub/experimental/secuirty/rpms/cgiwrap-raq2-3.6.4.C5.mips.rpm
SRPM:
ftp://ftp.cobaltnet.com/pub/experimental/secuirty/srpms/cgiwrap-raq2-3.6.4.C5.src.rpm

Cobalt also included the following information in their release:

MD5 sum Package Name
--------------------------------------------------------------------------
701b43ba607edee44c684ac2d428e710 cgiwrap-pacifica-3.6.4.C5.i386.rpm
41b7277afefb199c01a212dc86dab05b cgiwrap-pacifica-3.6.4.C5.src.rpm
0484a11647a3700fa0b9afe431c55d19 cgiwrap-raq2-3.6.4.C5.mips.rpm
5f3b483c352d25b3b11d266811e8b933 cgiwrap-raq2-3.6.4.C5.src.rpm

You can verify each rpm using the following command:
rpm --checksig [package]

To install, use the following command, while logged in as root:
rpm -U [package]

The package file format (pkg) for this fix is currently in testing, and
will be available in the very near future.



 

Privacy Statement
Copyright 2010, SecurityFocus