[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] fun with /usr/lib/authenticate

Subject: Re: [cobalt-security] fun with /usr/lib/authenticate
From: "Jonathan Michaelson" <michaelsonjd@xxxxxxxxxxx>
Date: Fri, 23 Aug 2002 18:22:52 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi,

> http://online.securityfocus.com/bid/5529/info/
>
> comments, anyone?

Tried the exploit on an up to date RaQ4 and the exploit did not work. It was
able to do everything except the most important bit which was to get a CRON
job to run to allow root access. Maybe the exploit is crippled?

--
Regards,
Jonathan Michaelson
Commercial CGI Scripting, Web Hosting
Web-based Email, Homepage Creation and Live Help products
http://www.webumake.com

References:
- [cobalt-security] fun with /usr/lib/authenticate
  - From: Jaana Järve

Prev by Date: Re: [cobalt-security] fun with /usr/lib/authenticate
Next by Date: RE: [cobalt-security] fun with /usr/lib/authenticate
Previous by thread: Re: [cobalt-security] fun with /usr/lib/authenticate
Next by thread: RE: [cobalt-security] fun with /usr/lib/authenticate

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index