[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: FW: [cobalt-security] Local Root exploit
- Subject: Re: FW: [cobalt-security] Local Root exploit
- From: Brett Wright <brett@xxxxxxxxxxxxx>
- Date: Mon, 23 Sep 2002 08:42:48 +1200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
At 01:34 20/09/02, you wrote:
> -----Original Message-----
> From: Sean Chester [mailto:seanc@xxxxxxxxxxxxxxxxxxxxxx]
> Sent: 19 September 2002 10:21
> To: cobalt-security@xxxxxxxxxxxxxxx
> Subject: RE: [cobalt-security] Local Root exploit
>
>
> > -----Original Message-----
> > Subject: Re: [cobalt-security] Local Root exploit
> > Not sure if this has been posted here yet, but i tried it
> > on a raq4
> > and it worked.
> >
> > http://www.securiteam.com/exploits/5MP0R0A80K.html
I ran this, it does give me a root shell.
Do I need to clean up after running this?
Any files need deleting to get me back to how I was?
Code on http://www.securiteam.com is normally quite good, then again you
never know, just patch the server as it states at the start of the script,
and do not let anyone you do not trust to have shell access to the server.
The only thing i found was this
main() { system("cp $tempdir/core/sushi /.sushi ; chmod 6777 /.sushi"); }
remove or chmod the file .sushi in the /
Then again i have done this on a test RAQ4 on a internal network, its not a
good idea to run these types of scripts on a 'real' working machine.
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security