[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Sun Cobalt Control Station - remote root exploit!

Subject: [cobalt-security] Sun Cobalt Control Station - remote root exploit!
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Fri, 26 Sep 2003 00:16:51 +0200
Organization: SOLARSPEED.NET
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi all,

Everyone with a Sun Cobalt Controlstation should pull up the drawbridge and 
firewall the Apache ports 80, 81, 443 and 444. Or power the thing down as 
fast as you can.

I just have gotten my ControlStation hacked due to a vulnerability in the GUI. 
Fortunately my IDS stuff caught it reasonably quick before any damage could 
be done.

The problem is apparently that a particular page in the GUI  is accessible 
without authentication and can be tricked into spawning a rootshell. 

-- 

With best regards,

Michael Stauber

Follow-Ups:
- Re: [cobalt-security] Sun Cobalt Control Station - remote root exploit!
  - From: Michael Stauber
- Re: [cobalt-security] Sun Cobalt Control Station - remote root exploit!
  - From: Anders
- Re: [cobalt-security] Sun Cobalt Control Station - remote root exploit!
  - From: 1st Easy Support

Prev by Date: Re: [cobalt-security] Re: [cobalt-users] Raq2 - OpenSSH 3.7.1.p2 compile FIX
Next by Date: Re: [cobalt-security] Sun Cobalt Control Station - remote root exploit!
Previous by thread: Re: [cobalt-security] Re: OpenSSH-3.7.1p2 released
Next by thread: Re: [cobalt-security] Sun Cobalt Control Station - remote root exploit!

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index