RE: [cobalt-security] Local Root exploit
- Subject: RE: [cobalt-security] Local Root exploit
- From: "Jamie - i-Dot" <jamie@xxxxxxxxx>
- Date: Tue, 10 Sep 2002 13:58:07 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Just been doing some checking, and it seems this 'quick fix' whilst it
indeed does fix, also means that some forms of .htaccess don't work,
client informed me that webalizer stats access was now no longer
accepting groups as valid users.
Chmod 4775 worked to restore access, but then allows exploit again.
So, those of you with live boxes and clients, beware.
-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx] On Behalf Of Jamie -
i-Dot
Sent: 10 September 2002 00:43
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: RE: [cobalt-security] Local Root exploit
# Quick Fix: su - root -c "chmod 755 /usr/lib/authenticate"
Simple fix for those who missed it in the script itself.
-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx] On Behalf Of Thomas Mertz
Sent: 09 September 2002 23:56
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-security] Local Root exploit
This vulnerability was posted to the list a couple or more weeks ago
(although from a different source). So far no response from Sun.
Tom
----- Original Message -----
From: "Brett Wright" <brett@xxxxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Monday, September 09, 2002 6:46 PM
Subject: [cobalt-security] Local Root exploit
> Hey
>
> Not sure if this has been posted here yet, but I tried it on a raq4
> and it worked.
>
> http://www.securiteam.com/exploits/5MP0R0A80K.html
>
> Regards
> Brett
>
>
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security
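The two file states this thread goes back and forth between (mode 755 versus 4775 on /usr/lib/authenticate) can be told apart with a small shell function. This is an added example, not part of any message in the thread; the function name and state labels are made up here, and it assumes a `stat` that supports `-c` (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example (not from the thread). Reports which permission state a
# helper binary is in. State names are labels invented for this example.
# Assumes GNU or BusyBox stat (-c format option), as found on Linux.

TARGET_DEFAULT=/usr/lib/authenticate   # path taken from the thread

# Prints "<state> <octal-mode> <owner-uid>"; returns 0 only when setuid is off.
authenticate_state() {
    f=${1:-$TARGET_DEFAULT}
    if [ ! -f "$f" ]; then
        echo "missing - -"
        return 2
    fi
    set -- $(stat -c '%a %u' "$f")
    mode=$1
    uid=$2
    bits=$((0$mode))                    # parse the mode as an octal number
    if [ $((bits & 04000)) -eq 0 ]; then
        # e.g. 755: the quick fix is in place; the thread reports that
        # group-based .htaccess access stopped working in this state.
        echo "no-setuid $mode $uid"
        return 0
    fi
    if [ $((bits & 0001)) -ne 0 ]; then
        # e.g. 4775: setuid and executable by every local user, the state
        # the thread says allows the exploit again.
        echo "setuid-world-exec $mode $uid"
    else
        # setuid, but "other" has no execute bit (not a state from the thread)
        echo "setuid-restricted $mode $uid"
    fi
    return 1
}
```

Calling `authenticate_state` with no argument checks the path named in the thread; the non-zero return when the setuid bit is present makes it usable from a cron job or monitoring check to notice when the bit has been put back.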