[cobalt-security] Sun Cobalt Control Station - remote root exploit!
- Subject: [cobalt-security] Sun Cobalt Control Station - remote root exploit!
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Fri, 26 Sep 2003 00:16:51 +0200
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi all,
Everyone with a Sun Cobalt ControlStation should pull up the drawbridge and
firewall the Apache ports 80, 81, 443 and 444. Or power the thing down as
fast as you can.
I have just had my ControlStation hacked due to a vulnerability in the GUI.
Fortunately my IDS stuff caught it reasonably quickly before any damage could
be done.
The problem is apparently that a particular page in the GUI is accessible
without authentication and can be tricked into spawning a rootshell.
--
With best regards,
Michael Stauber