[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] Local Root exploit

Subject: RE: [cobalt-security] Local Root exploit
From: "Graeme Fowler" <graeme.fowler@xxxxxxxxxxxxxx>
Date: Fri, 20 Sep 2002 11:22:08 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Sean Chester wrote:
> I ran this, it does give me a root shell.

Old news, unfortunately.

> Do I need to clean up after running this? 
> Any files need deleting to get me back to how I was?

You downloaded the script. Perhaps reading it might give you an indication of where to look?

Note that downloading and running exploits *without* reading through them first is A Bad Thing. How do you know that the script didn't 'call home' first, and announce to the author "Hey! Look! Someone with a vulnerable RaQ!"? It's happened before, after all, most recently with the trojanned OpenSSH tarball which called home when you compiled it...

Graeme
-- 
Graeme Fowler
System Administrator
Host Europe Group PLC

Prev by Date: [cobalt-security] segmentation violation
Next by Date: [cobalt-security] snort running on cobalt raq 4
Previous by thread: [cobalt-security] segmentation violation
Next by thread: FW: [cobalt-security] Local Root exploit

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index