![[LWN Logo]](/images/lwn.banner.gif)
Date: Fri, 31 Mar 2000 16:46:16 -0800 From: Jeff Lovell <jlovell@COBALT.COM> Subject: [ Cobalt ] Security Advisory -- 03.31.2000 To: BUGTRAQ@SECURITYFOCUS.COM Cobalt Networks -- Security Advisory -- 03.31.2000 Problem: RaQ2 and RaQ3 allow remote users to view the contents of an .htaccess file contained within a public website. Relevant products and architectures Product Architecture Vulnerable Qube1 MIPS No Qube2 MIPS No RaQ1 MIPS No RaQ2 MIPS Yes RaQ3 x86 Yes If your system is at risk you can you can downloaded the relevant package and install it. These are beta versions of the packages, Cobalt is currently testing these packages. RaQ 2 - ftp://ftp.cobaltnet.com/pub/experimental/security/apache/RaQ2-All-Security-Point-2.97.pkg RaQ 3 - ftp://ftp.cobaltnet.com/pub/experimental/security/apache/RaQ3-All-Security-Point-2.4.pkg If you experience any problems with these packages please email jlovell@cobalt.com or security@cobalt.com. -- Jeff Lovell Software Engineer Cobalt Networks, Inc.