Just what we needed to hear...
General information
Forum: Visual FoxPro
Category: Other / Miscellaneous
Thread ID: 00686901
Message ID: 00687734
Views: 22
>Hi Tom,
>
>You may want to research this first:
>
>http://search.cert.org/query.html?rq=0&ht=0&qp=&qs=&qc=&pw=100%25&ws=1&la=&qm=0&st=1&nh=25&lk=1&rf=2&oq=&rq=0&si=1&qt=mandrake&col=allcert

Easy there, partner... Your assumption that all 102 'vulnerabilities' deal with Mandrake is in error.

Take that URL and sort it by date, then look at the top of the list..

The top one is:
CERT/CC Vulnerability Notes By ID
ID Date Public Name VU#451275 06/13/2001 Curses library vulnerable to buffer overflow VU#454091 04/10/2002 Microsoft Internet Information Server (IIS) vulnerable to buffer overflow ...
http://www.kb.cert.org/vuls/byid?open&start=271 - 11.9KB - mandrake: 1


This CC Note lists 30 'vulnerabilities' but if you check further you see that only one concerns Mandrake and the remaining 29 reports concern other platforms. That one 'vulnerability' really isn't one. Read what CERT has to say:

Although this utility may result in unexpected behavior, it appears that this behavior accurately maintains the configured security policy and is consistent with the product documentation. Given that the documentation is readily available and the utility allows system administrators to customize the behavior of msec, the CERT/CC does not believe that this utility represents a security vulnerability.

II. Impact

This utility accurately and consistently performs as documented. However, system administrators who do not understand its operation may encounter unexpected behavior. (DUH!)

III. Solution
Read the msec documentation

The CERT/CC encourages system administrators who wish to alter the default behavior of msec to read the product documentation and customize their msec configuration as appropriate.

Systems Affected
Vendor Status Date Updated
MandrakeSoft Not Vulnerable 25-Jun-2002



So this isn't a vulnerability at all!

The second, another 1 out of 30 notice like the first, is another configuration problem involving Apache running on MDK, but this one is 9 months old! And the default configuration was changed long ago. A competent user would have noticed the configuration and changed it had they read the docs while installing it.

The third 'vulnerability', another '2 out of 30' listed, is a repeat of the second!

The fourth listing is a repeat of the second and third! How long does this go on?

The fifth is a repeat of the first!

The sixth is a repeat of the first! How long does this go on?

The seventh repeats the second!

The eighth repeats the first!

... and so on.

The fifteenth lists all three of the 'vulnerabilities' in one note. (3 out of 20).

Several of the 'vulnerabilities' are actually notices from MDK reminding folks to RTFM.

Some of the vulnerabilities are like the BIND one, which is not specific to any particular distro, and is a problem only if the user runs that particular version of BIND.

Working the list backwards I find notices involving kernels before Linux 2.2.19, which aren't used much anymore. This is the same as someone including a Windows FWG 3.11 security flaw in a list of WinXX flaws... hardly relevant.

So, in summary, after checking about 20 of the 'vulnerabilities' I find no vulnerabilities specific to Mandrake itself, unless folks don't read the installation documentation, and most deal with apps that appear in all distros of Linux. Apps like Apache and BIND. BTW, this is how a recent report indicating that attacks on Linux were on the rise got such high numbers - listing the same 'problem' several times. With 18 Linux distros, or more, one still has only one problem, not 18.

One might also make the point that EVEN IF all 102 were actually Mandrake-specific REAL vulnerabilities, that would still be a drop in the bucket compared to the number of unique security holes that have been reported for WinXX during the same time period - a bucket which is filled with hundreds, if not thousands, or 10s of thousands.


Like I said before, Mandrake is very secure.

JLK




>and this:
>
>http://niap.nist.gov/cc-scheme/ValidatedProducts.html
>
>I go along with John Ryan's suggestion for home use. I do that as well as use Network Ice at home.
>
>Tracy
>
>
>
>>Thank you John.
>>
>>Tom
>>
>>
>>>Tom
>>>
>>>Get a NAT, DHCP Router. I bought a dlink wireless router with firewall from Best Buy for about $150, I've set it up to block *all* incoming traffic, only allows connections from within and then from ports I approve. You just plug in your cable, there are 4 other network ports for PCs and you can have wireless as well if you want- allow $60 for a card, great if you want to sit watching TV while you work on your notebook.
>>>
>>>FWIW, I picked the dlink because it has strong filtering, great wireless encryption as well, also allows VPN to offices abroad.
>>>
>>>Regards
>>>
>>>JR

Nebraska Dept of Revenue
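The counting problem JLK describes above (a search hit count treats every repeated listing of the same VU# as a new vulnerability, and counts notes where the vendor's own status is "Not Vulnerable") can be made concrete with a small script. This is an added example, not code from the thread; the notice lines are constructed in a simplified "VU# date name | vendor: status" form, and VU#000001 is a placeholder ID, not a real CERT note.

```python
"""Compare a raw listing count with a count of distinct, vendor-affecting VU#s.

Added example. The NOTICES text is constructed to mimic search hits over
CERT/CC notes; it is not real CERT output and the line format is assumed.
"""
import re

# Constructed sample: the same VU# appearing several times is the
# repetition described in the post. VU#000001 is a placeholder ID.
NOTICES = """\
VU#451275 06/13/2001 Curses library vulnerable to buffer overflow | MandrakeSoft: Vulnerable
VU#454091 04/10/2002 Microsoft Internet Information Server (IIS) vulnerable to buffer overflow | Microsoft: Vulnerable
VU#451275 06/13/2001 Curses library vulnerable to buffer overflow | MandrakeSoft: Vulnerable
VU#000001 06/25/2002 msec behaves as documented (placeholder note) | MandrakeSoft: Not Vulnerable
VU#000001 06/25/2002 msec behaves as documented (placeholder note) | MandrakeSoft: Not Vulnerable
VU#451275 06/13/2001 Curses library vulnerable to buffer overflow | Debian: Vulnerable
"""

# One listing per line: VU id, public date, title, then "Vendor: Status".
LINE_RE = re.compile(
    r"^(VU#\d+)\s+(\d{2}/\d{2}/\d{4})\s+(.*?)\s+\|\s+(.*?):\s+(Vulnerable|Not Vulnerable)\s*$"
)


def parse(text):
    """Turn the listing text into dicts; lines that are not listings are skipped."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        vu, date, name, vendor, status = m.groups()
        rows.append({"vu": vu, "date": date, "name": name, "vendor": vendor, "status": status})
    return rows


def count_listings(rows, vendor):
    """Naive count: every listing that mentions the vendor (what a hit count reports)."""
    return sum(1 for r in rows if r["vendor"] == vendor)


def distinct_vulnerable(rows, vendor):
    """Distinct VU#s where the vendor's own status is 'Vulnerable'."""
    return sorted({r["vu"] for r in rows if r["vendor"] == vendor and r["status"] == "Vulnerable"})


if __name__ == "__main__":
    rows = parse(NOTICES)
    print("MandrakeSoft listings:", count_listings(rows, "MandrakeSoft"))
    print("MandrakeSoft distinct, actually vulnerable:", distinct_vulnerable(rows, "MandrakeSoft"))
```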