[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
- Subject: RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
- From: "Goade, Matthew" <mgoade@xxxxxxxxxxxxxxx>
- Date: Fri, 6 Dec 2002 09:23:21 -0600
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
With the exploit you could add a user and get a shell with root privs, and login if so desired. Basically the exploit lets you execute anything you can dream up (as root), remotely, without you ever having sent 1 packet to it beforehand. No pervious access to the victim box is necessary.
-----Original Message-----
From: Steve Root [mailto:steve@xxxxxxxxxxxxxxxxxxx]
Sent: Friday, December 06, 2002 9:06 AM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: RE: [cobalt-security] FW: script kiddie own a cobalt? >was
Cobalt RaQ4 Remote root exploit
At 17:50 05/12/02 -0600, you wrote:
>By the way, it does not allow a hacker into the box, it allows script
>kiddies to root the box. Any newbie running mandrake could own a cobalt in
>under 5 commands.
(I'm a newbie, but..)
Surely that is only once they have a command line / terminal prompt though?
They would have to get past one of the user passwords first?
Regards
Steve Root
PS - does my name mean that my qube has always be 'root expolited' :)
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security