[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Local Root exploit

Sure, and then the services on the RAQ that depend on this stop working - no
FrontPage, no htaccess depending on how the htaccess file is configured,
etc. Customers really want to hear "sorry you can't do that for a month
until Sun releases a patch". Thats called how you lose all your business.

Tom


----- Original Message -----
From: "Jamie - i-Dot" <jamie@xxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Monday, September 09, 2002 7:42 PM
Subject: RE: [cobalt-security] Local Root exploit


> # Quick Fix: su - root -c "chmod 755 /usr/lib/authenticate"
>
>
> Simple fix for those who missed it in the script itself.
>
> -----Original Message-----
> From: cobalt-security-admin@xxxxxxxxxxxxxxx
> [mailto:cobalt-security-admin@xxxxxxxxxxxxxxx] On Behalf Of Thomas Mertz
> Sent: 09 September 2002 23:56
> To: cobalt-security@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-security] Local Root exploit
>
>
> This vulnerability was posted to the list a couple or more weeks ago
> (although from a different source). So far no response from Sun.
>
> Tom
>
>
> ----- Original Message -----
> From: "Brett Wright" <brett@xxxxxxxxxxxxx>
> To: <cobalt-security@xxxxxxxxxxxxxxx>
> Sent: Monday, September 09, 2002 6:46 PM
> Subject: [cobalt-security] Local Root exploit
>
>
> > Hey
> >
> > Not sure if this has been posted here yet, but i tried it on a raq4
> > and it worked.
> >
> > http://www.securiteam.com/exploits/5MP0R0A80K.html
> >
> > Regards
> > Brett
> >
> >
>
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>
>
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>