Re: [cobalt-security] Sun Cobalt Control Station - remote root exploit!
- Subject: Re: [cobalt-security] Sun Cobalt Control Station - remote root exploit!
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Fri, 26 Sep 2003 02:20:16 +0200
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi all,
> The problem is apparently that a particular page in the GUI is accessible
> without authentication and can be tricked into spawning a rootshell.
I just finished my forensics on the rooted ControlStation and this is indeed
pretty bad. The nature of the exploit easily reveals the admin passwords of
all monitored servers to the attacker. Shell access is not required and a
browser is enough for this hack.
Does someone have an email address @sun where I can report this? I called the
toll free US number, got directed to use their webpage and am now stuck in
that maze without the ability to report anything there.
--
With best regards,
Michael Stauber