[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
- Subject: RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
- From: "E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>
- Date: Fri, 6 Dec 2002 17:14:26 +0000 (GMT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
SR> Date: Fri, 06 Dec 2002 15:05:36 +0000
SR> From: Steve Root
SR> Surely that is only once they have a command line / terminal
SR> prompt though?
No.
SR> They would have to get past one of the user passwords first?
Not at all. A remote root exploit means one runs a magic program
that "picks the lock" and gives root access.
Check out L0pht, Phrack, 2600, or Google for "stack overflow",
"format string", and "race conditions". There are many good
tutorials that explain how these things work. Many of them
assume one is familiar with assembly language and computer
architecture, though...
Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist@xxxxxxxxx>, or you are likely to
be blocked.