
Re: [cobalt-security] Sun Cobalt Control Station - remote root exploit!



Michael Stauber wrote:
> Everyone with a Sun Cobalt ControlStation should pull up the drawbridge and
> firewall the Apache ports 80, 81, 443 and 444. Or power the thing down as
> fast as you can.
> 
> I have just gotten my ControlStation hacked due to a vulnerability in the GUI.
> Fortunately my IDS stuff caught it reasonably quickly before any damage could
> be done.
> 
> The problem is apparently that a particular page in the GUI is accessible
> without authentication and can be tricked into spawning a root shell.

Is this problem isolated to the Sun Cobalt Control Station,
or does it affect the RaQ 550 and other Cobalt machines too?
(They also come with lax security checks on admin pages.)

Wonder if the problem remains in their new Sun Control Station
offering... It seems to be based on the same code and system?
http://wwws.sun.com/software/controlstation/

--anders

PS. Would it be possible to patch just that page in PHP,
    by adding the required authentication checks to the GUI?