Revision as of 04:47, 7 October 2007

Known Problems

All the python we wrote needs to be double-checked
Kerberos security holes that need to be patched urgently
- krb5-admin-server: up to date on zeus and that's all we need to worry about in terms of major major exploits at the moment --Elizabeth@ugcs.caltech.edu 05:56, 26 September 2007 (PDT)
linux-2.6: CVE-2007-4571 and CVE-2007-4573 - local privilege escalation vulnerabilities, extremely serious on amd64. working on backporting a fix and getting it compiled by hephaestus. --Elizabeth@ugcs.caltech.edu 05:56, 26 September 2007 (PDT)
- Fixed by installing the debian linux-2.6.18-5-dpkg package (forget when)- Joshua

@@ Line 7: / Line 7: @@
 ** krb5-admin-server: up to date on zeus and that's all we need to worry about in terms of major major exploits at the moment --[[User:Elizabeth@ugcs.caltech.edu|Elizabeth@ugcs.caltech.edu]] 05:56, 26 September 2007 (PDT)
 * linux-2.6: CVE-2007-4571 and CVE-2007-4573 - local privilege escalation vulnerabilities, extremely serious on amd64.  working on backporting a fix and getting it compiled by hephaestus. --[[User:Elizabeth@ugcs.caltech.edu|Elizabeth@ugcs.caltech.edu]] 05:56, 26 September 2007 (PDT)
+** Fixed by installing the debian linux-2.6.18-5-dpkg package (forget when)- Joshua
 =Possible problems=
 * Cfengine can be used to break into machines