
[cobalt-security] POSSIBLE MAJOR SECURITY BREACH



>I remember the episode when we found that
>neomail messed with the suid bit. But, I still
>have that one spare RaQ4r with neomail on it and:
>
>[admin admin]$ ls /etc/shadow -l
>-r--------   1 root     root          552 Sep 29 21:04 /etc/shadow
>[admin admin]$ ls /etc/shadow- -l
>-rw-------   1 root     root          524 Sep 29 07:25 /etc/shadow-

Hum, I truly thought Neomail was going to be the devil
doing the dirty deed. I really did. I wonder what it
could be? I'm trying to think of any software I've
installed on these boxes and I can't think of
anything. I take stuff off if anything (lots of stuff
off actually).  I'd like to know if they were set that
way when my NOC restored them last Feb (from their
restore CD) or if they were changed by something
during the last 12 months. Doesn't anyone think it's
odd that so many of us reported different settings on
those shadow files? Most more secure than mine, but 3
or 4 different combinations. Hum, I need to think
about this some more.

