Date: Fri, 01 Dec 2000 08:31:06 -0800 From: Cy Schubert <cschuber@uumail.gov.bc.ca> To: Frank van Vliet <karin@root66.org> Cc: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>, security@freebsd.org Subject: Re: FreeBSD hacked? Message-ID: <200012011631.eB1GVMA16997@passer.osg.gov.bc.ca> In-Reply-To: Your message of "Fri, 01 Dec 2000 17:21:47 GMT." <20001201172147.A25455@root66.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20001201172147.A25455@root66.org>, Frank van Vliet writes: > > --xHFwDpU9dbj6ez1V > Content-Type: text/plain; charset=us-ascii > Content-Disposition: inline > Content-Transfer-Encoding: quoted-printable > > On Fri, Dec 01, 2000 at 06:53:48AM -0800, Cy Schubert - ITSD Open Systems G > roup wrote: > > In message <18748.975613708@winston.osd.bsdi.com>, Jordan Hubbard > > writes: > > > > so, for the next few days, there is a possibility that the rest of us > are > > > > as vulnerable? *raised eyebrow* > > > > > > Only if you run all of FreeBSD.org's CGI scripts. Do you? :) > > > > I think the only CGI script that runs on www.freebsd.org that people > > might run is cvsweb because its a port in the ports collection. Until > > we hear otherwise there is the possibility that it might be the culprit. > > > You people should just watch the commits to the www source tree. > > Eventually you'll see a commit that will fix the problem. Until then > > you'll have to wait. > > Ofcourse cvsweb could contain bugs, but it is a www.freebsd.org specific sc > ript nohican and me exploited. I don't see any reason for 'panick' about cv > sweb. Who said I was panicking? I don't even feel anxious about this issue. The only thing I feel anxious about is the stock market. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/DEC Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200012011631.eB1GVMA16997>