[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
- Subject: RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
- From: Steve Root <steve@xxxxxxxxxxxxxxxxxxx>
- Date: Fri, 06 Dec 2002 15:05:36 +0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
At 17:50 05/12/02 -0600, you wrote:
By the way, it does not allow a hacker into the box, it allows script
kiddies to root the box. Any newbie running mandrake could own a cobalt in
under 5 commands.
(I'm a newbie, but..)
Surely that is only once they have a command line / terminal prompt though?
They would have to get past one of the user passwords first?
Regards
Steve Root
PS - does my name mean that my qube has always be 'root expolited' :)