[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24III.pkg
- Subject: Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24III.pkg
- From: Dennis Koster <dedicated@xxxxxxxxxxx>
- Date: Fri, 27 Apr 2001 11:31:35 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Thu, Apr 26, 2001 at 11:05:21AM -0700, shimi wrote:
> If you'll read what's posted in the download page, they said the bugs of
> the ptrace() and sysctl() functions have been fixed there. If Cobalt
> keeps their former way of deploying Linux, they manually twaeak the kernel
> to fit to what they need... so... it's not rootable.
If its not rootable, may I have a shell on your box then?
small example (again)
<dennis@dedicated:dennis> uname -r
2.2.16C24_III
<dennis@dedicated:dennis> id
uid=180(dennis) gid=100(users) groups=100(users),10(wheel),111(site-adm),112(site1)
<dennis@dedicated:dennis> ./epcs /usr/bin/gpasswd
bug exploited successfully.
enjoy!
bash# id
uid=0(root) gid=0(root) groups=100(users),10(wheel),111(site-adm),112(site1)
bash#
bash# cat /proc/cpuinfo | grep system
system type : RaQ3/4
HTH HAND and give us a real kernel upgrade / patch!
--
Met vriendelijke groeten,
Dennis Koster
Linux Systeem Beheerder
VuurWerk Internet
_____________________________________________________________________
Richard Holkade 20 Verkoop/billing: sales@xxxxxxxxxxx
2033 PZ Haarlem Storingsmeldingen: beheer@xxxxxxxxxxx
tel.: 023-5111111 Technische vragen: helpdesk@xxxxxxxxxxx
fax.: 023-5111115 VuurWerk website: www.vuurwerk.nl
_____________________________________________________________________
"Multiple exclaimation marks are a sure sign of a deranged mind."