[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Cobalt Security Notice - Linux Kernel - 06/09/00

Subject: Re: [cobalt-users] Cobalt Security Notice - Linux Kernel - 06/09/00
From: Goran Blagus <vectro@xxxxxxxxxxxx>
Date: Mon Jun 12 09:23:21 2000

Hello !

<BAD ENGLISH>

I would like to know how safe is this upgrade ? I'm a remote administratorof two RaQ servers at dN and I'm worried about total disaster if thisupgrade fail (kernel corupt). Do you people have any suggestion how to dosafe upgrade ?

About this security bug. We have tested two exploits and we succeded withcreating a user with root priveleges on both RaQ servers (RaQ2 and RaQ3).We were able to su to root without password, but username from which wehave logged was admin. Some other user on server was unable to su to rootpriveleges. What I'm worried about is that if any user can write to/etc/passwd and /etc/shadow he can also delete or change any other file onserver.

What we have done ? We have disable gcc compiler because this two exploitswas written in C, and I don't think this will stop malicious user with someother program that use this exploit but can slow him down.

Please advise us, give us your suggestion and tell us what have you done toprotect against this exploit? Is this RPM's safe and is this upgrade ormayor install ?


</BAD ENGLISH>

Goran
----------------
Croadria Internet usluge - http://www.croadria.com
Subiceva 3, 10000 ZAGREB
Tel: 01/ 4556 465
E-mail: gblagus@xxxxxxxxxxxx
ICQ UIN: 5441616

References:
- [cobalt-users] Cobalt Security Notice - Linux Kernel - 06/09/00
  - From: Jeff Lovell

Prev by Date: RE: [cobalt-users] (no subject)
Next by Date: Re: [cobalt-users] Best place to lease a RaQ
Previous by thread: [cobalt-users] Cobalt Security Notice - Linux Kernel - 06/09/00
Next by thread: [cobalt-users] Would pay for help with RAQ3i

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index