Date: Tue, 27 Jul 1999 13:02:53 +0930 From: Greg Lehey <grog@lemis.com> To: Stede Bonnet <stede@dgriffin.org> Cc: freebsd-questions@FreeBSD.ORG, mediabiz@nytimes.com Subject: Re: About the security issue in NY Times Message-ID: <19990727130253.O62218@freebie.lemis.com> In-Reply-To: <Pine.BSF.4.10.9907262305020.2385-100000@dgriffin.org>; from Stede Bonnet on Mon, Jul 26, 1999 at 11:06:43PM -0400 References: <19990727124216.M62218@freebie.lemis.com> <Pine.BSF.4.10.9907262305020.2385-100000@dgriffin.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday, 26 July 1999 at 23:06:43 -0400, Stede Bonnet wrote: > On Tue, 27 Jul 1999, Greg Lehey wrote: > >> On Monday, 26 July 1999 at 22:45:10 -0400, Stede Bonnet wrote: >>> In todays Business section, an article by Sara Robinson discusses a >>> security problem apparent on UNIX OS's. >>> >>> How is that related to FreeBSD? Do I have anything to worry about, and >>> what should I do if I need to do something? >> >> I don't know. We don't get the New York Times here. What were the >> details? Is it on the web somewhere? > > I just located the 'address for comments from readers and coverage > suggestions: "mediabliz@nytimes.com" and the URL > > www.nytimes.com/business Well, for the benefit of those who don't want to first have to subscribe and look for the article, the real URL is http://www.nytimes.com/library/tech/99/07/biztech/articles/26flaw.html. It's really impolite to expect people to search for things when you know the URL, though in this case it might be possible that you wouldn't get access. In any case, here's the relevant part of the article: SAN FRANCISCO -- A leading computer security group is reporting a significant rise in potentially dangerous attacks that exploit security holes in programs shipped with the Unix operating system. The article is pretty vague about what it's talking about: The attacks primarily exploit software that manages an appointment calendar program that is shipped with Unix operating systems from makers of powerful servers, In any case, it refers to CERT (http://www.cert.org/). They have the low-down at http://www.cert.org/advisories/CA-99-08-cmsd.html. It's part of CDE, which is not supported on FreeBSD. Nothing which affects FreeBSD has been reported recently. Greg -- When replying to this message, please copy the original recipients. For more information, see http://www.lemis.com/questions.html See complete headers for address, home page and phone numbers finger grog@lemis.com for PGP public key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990727130253.O62218>