[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Raq 550 Remote Exploits?
- Subject: Re: [cobalt-security] Raq 550 Remote Exploits?
- From: Greg Boehnlein <damin@xxxxxxxx>
- Date: Sun, 1 Feb 2004 15:42:05 -0500 (EST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Sun, 1 Feb 2004, Michael Stauber wrote:
> Hi Zef,
>
> > I can confirm not just one but instead 3 public local user root access
> > exploits for the 550. it takes about 15 seconds from start to finish.. I
> > have sent the scripts/links in on Jan 3 2004 and it's with great saddness I
> > see that the scripts are as old as Jan 2003 :(
>
> Quite sad, man. Do all three of these exploits target vulnerabilities in the
> kernel?
What is stopping the Cobalt Community from deploying newer versions of the
kernel patched against exploits? I've not tried to build a Cobalt kernel
in a Long, Long, Long time, but we should be able to diff the Cobalt code
against a generic source tree to get a base-line patch, and then patch up
revision by revision until we have a kernel that tracks against the latest
code.
It just seems that the Cobalt community has become a bunch of total
morons, unable to grasp the concept that this is simply an x86 Linux box
with a few caveats. There is no special magic to securing Linux, as long
as you have source to work with, and as far as I know, all source has been
released to the community already.
Are we missing something proprietary (binary module like Phoenix Adaptive
Firewall) that is preventing this from happening, or do we just lack the
organization to rally around a project and move forward?
--
Vice President of N2Net, a New Age Consulting Service, Inc. Company
http://www.n2net.net Where everything clicks into place!
KP-216-121-ST