[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit

Subject: RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
From: Paul Jacobs <paul@xxxxxxxxxxxxxxxxxx>
Date: Fri, 06 Dec 2002 09:39:34 -0800
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

At 07:05 AM 12/6/2002, you wrote:

At 17:50 05/12/02 -0600, you wrote:
By the way, it does not allow a hacker into the box, it allows scriptkiddies to root the box. Any newbie running mandrake could own a cobaltin under 5 commands.
(I'm a newbie, but..)
Surely that is only once they have a command line / terminal promptthough? They would have to get past one of the user passwords first?


Not if they use the remote exploit to get your root password.

Regards
Steve Root
PS - does my name mean that my qube has always be 'root expolited' :)

_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security

Prev by Date: RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
Next by Date: RE: [cobalt-security] FW: Cobalt RaQ4 Remote root exploit
Previous by thread: RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit
Next by thread: [cobalt-security] Intel Updates Compilers, Faster Apps Result

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index