[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] Some more....
- Subject: RE: [cobalt-security] Some more....
- From: "Gil DuPont" <gdupont@xxxxxxxxxxxxx>
- Date: Tue, 25 Jul 2000 10:53:32 -0500
I second this. I would also like to have a reliable list.
Gil DuPont
DSR
-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of Dan Diehl
Sent: Tuesday, July 25, 2000 10:57 AM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-security] Some more....
To all,
I really appreciate the amount of trouble that some of you go to to check
for exploits on the Raq2/3 servers. To you, this job may be routine, but for
some of us newbees, it can be very stressful at times. Personally, I would
rather not try and modify kernels or processes running on the server that
would void my Cobalt warantee or result in server chashes and would rather
wait for Cobalt to issue official fixes for us to install. What I would like
to know is if any of you, perhaps Gossi The Dog, has a current list of known
or possible Raq2/3 exploits that Cobalt has not addressed. If so, could you
post them here so that Jeff Lovell could forward these issues for official
fixes to be completed and posted on the Cobalt site. I don't know if this
has ever been done like this, but I'm sure there are many other admins
without a Rocket Science Degree who would greatly appreciate this to better
secure their own servers. Once again, keep up the good work and thanks for
bringing these issues to the table.
Dan Diehl
----- Original Message -----
From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Monday, July 24, 2000 5:00 PM
Subject: Re: [cobalt-security] Some more....
>
> Hi. This was discovered in April.
>
> More information at http://linux.dp.ua/maillist/msg00001.html
>
> I will test it on my RaQ 3...
>
> Regards,
> Gos.
>
> On Mon, 24 Jul 2000, Thomas Fosbenner Jr. wrote:
>
> > Here is an excerpt from the actual code of that program.
> > Maybe this has been fixed but I haven't heard anything about it.
> > Let me know if I am a moron and am behind the times or let me know if I
> > enlightened you.
> > Thanks
> >
> > [Actual Comment From the Code]
> >
> > # synopsis:
> > # both 'pam' and 'userhelper' (a setuid binary that comes with the
> > # 'usermode-1.15' rpm) follow .. paths. Since pam_start calls down to
> > # _pam_add_handler(), we can get it to dlopen any file on disk.
> > 'userhelper'
> > # being setuid means we can get root.
> >
> >
> > PS. There is actually another program that I had with this one that does
> > almost the same thing. I can send that also.
> >
> >
> >
> > _______________________________________________
> > cobalt-security mailing list
> > cobalt-security@xxxxxxxxxxxxxxx
> > http://list.cobalt.com/mailman/listinfo/cobalt-security
> >
>
> --
> gossi@xxxxxxxxxxxxxxx
>
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security