
[cobalt-users] Potential DoS ??????



I found something interesting this evening - OK, so it's now officially
morning, but anyway...

I was setting up myself as an admin user on a test Cobalt and went back into
my user settings to add telnet access.  Well, I checked the telnet access
checkbox, but didn't enter a password and hit the submit button.  By default
the GUI does not enter anything into the passwd text boxes of the form.  I
realized it pretty quickly but then decided that the GUI would just prompt
me to go back and enter my password, but it didn't.

Then the browser started prompting me for my credentials and would not
accept them - by then I had a pretty good idea what had probably happened.
I can no longer access any web (port 80), ftp (port 21), telnet (port 23) to
the box.  I get connection refused each and every time.  I imagine that the
GUI munged the /etc/hosts.allow and /etc/hosts.deny files.  I can however
connect to the box via SMTP (port 25).

So first thing in the morning when I get to the office I will be slapping on
a serial cable and hoping the serial interface will come up.

I'm sure we can start a huge flame war on whether or not the Cobalt GUI
should default the user's passwd with their current passwd - remember the
form uses a passwd text field so it would show up as ********, etc.  I think
that they should at least move the changing of users' passwds out to a
separate form.  I can imagine as I go live with this box and I have site
admins managing their users that someone will want to modify some of the
settings on that screen, but not know what their user has changed their
passwd to and thus have to change it to add the setting.  Arrrgh - hope that
makes sense.  If not, /dev/null that thought.

Or if the site admin did what I did and did not enter a passwd at all, he
could cause the whole box to stop responding to most requests, thus the
potential DoS - I'm sure that no site admin would do this on purpose though.

Anyway, I searched the archives and found some people not being able to get the
console port to work, but others who have - I'll try and find my serial
cables for my Cisco stuff and try those.

Thanks
Daniel
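Editor's note: the post suspects that the GUI rewrote /etc/hosts.allow and /etc/hosts.deny so that everything except SMTP is refused. The following is an added example, not code from the post or from Cobalt's GUI, that simulates how tcp_wrappers (hosts_access(5)) evaluates those two files, so an admin can check a proposed pair of files against their own workstation before applying them. The sample files, daemon names (in.telnetd, in.ftpd, httpd, sendmail) and the management host/address are constructed to mirror the symptom described above; the real contents of the Cobalt's files are not known from the post. The rarer client keywords (KNOWN, UNKNOWN, PARANOID) and the optional shell-command field are deliberately not modelled.

```python
"""Simulate tcp_wrappers access decisions for hosts.allow / hosts.deny.

Added example; not code from the cobalt-users post or from Cobalt's GUI.
Implements the documented hosts_access(5) order: a (daemon, client) pair is
ALLOWED if it matches hosts.allow, otherwise DENIED if it matches hosts.deny,
otherwise ALLOWED.  Handles ALL, LOCAL, exact names, trailing-dot address
prefixes, leading-dot hostname suffixes and EXCEPT; KNOWN/UNKNOWN/PARANOID and
the optional shell-command field are not modelled.
"""

# Constructed files reproducing the symptom in the post (everything but SMTP
# refused).  These are NOT the real Cobalt files.
LOCKED_OUT_ALLOW = """
# hosts.allow (constructed)
sendmail: ALL
"""
LOCKED_OUT_DENY = """
# hosts.deny (constructed)
ALL: ALL
"""

# Constructed files as an admin would want them: SMTP open, admin protocols
# restricted to the management network minus one host.
SANE_ALLOW = """
sendmail: ALL
in.telnetd in.ftpd httpd: 10.0.0. EXCEPT 10.0.0.99
"""
SANE_DENY = "ALL: ALL\n"

# Daemon names as tcpd sees them (argv[0]); assumed for this example.
ADMIN_DAEMONS = ("httpd", "in.ftpd", "in.telnetd", "sendmail")


def parse_rules(text):
    """Return (daemon_list, client_list) pairs from one access-control file."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2 or not fields[0] or not fields[1]:
            raise ValueError(f"malformed rule: {raw!r}")
        rules.append((fields[0], fields[1]))     # a 3rd (command) field is ignored
    return rules


def _daemon_matches(token, daemon):
    return token == "ALL" or token == daemon


def _client_matches(token, host, addr):
    if token == "ALL":
        return True
    if token == "LOCAL":                 # any hostname that contains no dot
        return "." not in host
    if token.startswith("."):            # ".example.test" matches a host suffix
        return host.endswith(token)
    if token.endswith("."):              # "10.0.0." matches an address prefix
        return addr.startswith(token)
    return token in (host, addr)         # exact hostname or address


def _list_matches(spec, matcher):
    """'a b EXCEPT c' matches a or b unless c matches; EXCEPT nests to the right."""
    tokens = spec.replace(",", " ").split()
    if "EXCEPT" in tokens:
        i = tokens.index("EXCEPT")
        return (any(matcher(t) for t in tokens[:i])
                and not _list_matches(" ".join(tokens[i + 1:]), matcher))
    return any(matcher(t) for t in tokens)


def rule_matches(rule, daemon, host, addr):
    daemons, clients = rule
    return (_list_matches(daemons, lambda t: _daemon_matches(t, daemon))
            and _list_matches(clients, lambda t: _client_matches(t, host, addr)))


def access_decision(allow_text, deny_text, daemon, host, addr):
    """'ALLOW' or 'DENY' for one connection, in hosts_access(5) order."""
    for rule in parse_rules(allow_text):
        if rule_matches(rule, daemon, host, addr):
            return "ALLOW"
    for rule in parse_rules(deny_text):
        if rule_matches(rule, daemon, host, addr):
            return "DENY"
    return "ALLOW"                       # neither file matched: access granted


def locked_out_daemons(allow_text, deny_text, host, addr, daemons=ADMIN_DAEMONS):
    """Pre-change check: which daemons would refuse the admin's own host?"""
    return [d for d in daemons
            if access_decision(allow_text, deny_text, d, host, addr) == "DENY"]


if __name__ == "__main__":
    admin = ("mgmt.example.test", "10.0.0.5")   # constructed admin workstation
    print("broken files deny:", locked_out_daemons(LOCKED_OUT_ALLOW, LOCKED_OUT_DENY, *admin))
    print("sane files deny:  ", locked_out_daemons(SANE_ALLOW, SANE_DENY, *admin))
```

Running `locked_out_daemons` against a candidate pair of files from the address you administer from is the check to do before any tool rewrites them: with the constructed "locked out" files it reports httpd, in.ftpd and in.telnetd as denied while sendmail stays reachable, which is the pattern the post describes; with the "sane" files it reports nothing denied for the management host.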