[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Raq 550 Remote Exploits?

Subject: Re: [cobalt-security] Raq 550 Remote Exploits?
From: Anders <andersb@xxxxxxxxxxx>
Date: Tue, 27 Jan 2004 11:57:04 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Michael Stauber wrote:

> The other one is a local exploit against the C10 Kernel which grants a local
> user root access. That's serious.
> 
> Sun was notified about these issues and provided with sample code for the
> Kernel exploit. So expect a new RaQ550 kernel soon.

Considering that the exploit and the patch was known back in december,
I wouldn't be too sure about the "soon" part of the kernel patch.

Sun hasn't even released a new kernel for the Sun Linux 5.0 (LX50), :-(
and that is easier to do than the heavilly patched one for the RaQ...

It's not impossible to patch the "dobrk" and "mremap" functions yourself,
though. "Just" requires to rebuild the kernel from the latest SRPM. (C10)

Or wait for the official update. It will probably be out any month now ?
Considering the latest ProFTPd/Apache updates, we'll be lucky if it runs.

Sigh,
--anders

Follow-Ups:
- Re: [cobalt-security] Raq 550 Remote Exploits?
  - From: Michael Stauber

References:
- Re: [cobalt-security] Raq 550 Remote Exploits?
  - From: Michael Stauber

Prev by Date: Re: [cobalt-security] Raq 550 Remote Exploits?
Next by Date: [cobalt-security] Allowing dynamic range through firewall
Previous by thread: Re: [cobalt-security] Raq 550 Remote Exploits?
Next by thread: Re: [cobalt-security] Raq 550 Remote Exploits?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index