RE: What's vunerable?

From: Will Mitayai Keeso Rowe (
Date: 03/16/01

From: "Will Mitayai Keeso Rowe" <>
To: "Peter McGarvey" <>, "freebsd-security" <>
Date: Fri, 16 Mar 2001 11:43:40 -0500

inherited? need a lot of work? then assume everything is vulnerable due to
ex-employees, past trojan horses, bad administrative practices and
configurations, etc.

go through the FreeBSD Security Advisories at for alkl the listed advisories.

make sure you pay attention to all the installed packages, ports, and
user-installed third-party stuff.

:-----Original Message-----
:From: owner-freebsd-security@FreeBSD.ORG
:[mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Peter McGarvey
:Sent: March 16, 2001 04:25 AM
:To: freebsd-security
:Subject: What's vunerable?
:I've just inherited several FreeBSD boxes. The versions range from
:3.2_RELEASE to 4.1_RELEASE.
:On the BSD boxes I already maintain I cvsup and make world on a monthly
:basis - or as soon as I see a CERT advisory that I know relates to
:something that can bite. But the inherited boxes need a lot of work,
:and I cannot guarantee to "The Powers That Be" that a make world wont
:break the box.
:What I really need to know is what vulnerabilities exist on each box -
:so that I can present the boss with a risk assessment, and make him
:decide if the box stays as is, or gets a make world.
:So any advice anyone can give me, on how to find out what's vunerable
:with any particular FreeBSD version, would be greatly appreciated.
:Peter McGarvey
:System Administrator
:Network Operations, VIA Networks UK
:To Unsubscribe: send mail to
:with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message