[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Raq 550 Remote Exploits?

Subject: Re: [cobalt-security] Raq 550 Remote Exploits?
From: "Zeffie" <cobaltlist@xxxxxxxx>
Date: Sat, 31 Jan 2004 19:42:16 -0500
Organization: Electronic Consultants Inc.
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> Hi Skeeve,
<snip>
> The other one is a local exploit against the C10 Kernel which grants a
local
> user root access. That's serious.
<snip>
> Sun was notified about these issues and provided with sample code for the
> Kernel exploit. So expect a new RaQ550 kernel soon.
> Michael Stauber

I can confirm not just one but instead 3 public local user root access
exploits for the 550.  it takes about 15 seconds from start to finish..  I
have sent the scripts/links in on Jan 3 2004 and it's with great saddness I
see that the scripts are as old as Jan 2003 :(

Don't allow shell access people!

Zeffie
Cobalt RaQ System Administration, Maintenance and Repairs.
http://www.zeffie.com/how_to_contact_zeffie.html 734.454.9117
http://www.zeffie.com/ Home of the Worlds Largest Collection of RaQ rpms
Advanced Cobalt Security, Firewall, Snort, AntiSpam, AntiVirus, etc. GUI's

Follow-Ups:
- Re: [cobalt-security] Raq 550 Remote Exploits?
  - From: Michael Stauber

References:
- [cobalt-security] Raq 550 Remote Exploits?
  - From: Skeeve Stevens
- Re: [cobalt-security] Raq 550 Remote Exploits?
  - From: Michael Stauber

Prev by Date: [cobalt-security] Cobalt security resource location (automatic reminder)
Next by Date: Re: [cobalt-security] Raq 550 Remote Exploits?
Previous by thread: Re: [cobalt-security] Raq 550 Remote Exploits?
Next by thread: Re: [cobalt-security] Raq 550 Remote Exploits?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index