[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [[cobalt-users] Server Hacked?]

Subject: Re: [[cobalt-users] Server Hacked?]
From: spamcatcher <spamcatcher@xxxxxxxxx>
Date: Wed Feb 16 13:18:27 2000

We certainly hope most people would have disabled the #exec option if 
they decided to risk running ssi on the server. If someone gain access to 
the server to be able to override the #exec option, they wouldn't even 
need to disable it - they would just cat /etc/passwd directly.

>At 17:13 13/02/2000 +0100, you wrote:
>>> how is it possible for anybody to get the passwd file form a RaQ ? Is this
>>> a
>>> RaQ1 problem or can this also happen on a RaQ2 ?
>>
>>raq1 doesn't have any shadowed passwords (very! big security hole)
>>and anybody with telnet can grep the /etc/passwd file 
>>raq3 got shadowed passwords
>
>I don't know about raq1, but if you upload a .shtml file on a RaQ2 with this:
>
><!--#exec cmd="cat /etc/passwd" -->
>
>you get the content of /etc/passwd on the browser. RaQ2 has shadowed
>passwords, so there's no much problem.. I don't know if this works on a 
>raq1..
>
>Bye..
>
>Ariel.
>
>
>_______________________________________________
>cobalt-users mailing list
>cobalt-users@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-users
>

Prev by Date: RE: [[cobalt-users] Server Hacked?]
Next by Date: Re: [[cobalt-users] Server Hacked?]
Previous by thread: Re: [[cobalt-users] Server Hacked?]
Next by thread: Re: [[cobalt-users] Server Hacked?]

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index