[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Fwd: [cobalt-security] Bug-Travel

Subject: Re: [cobalt-users] Fwd: [cobalt-security] Bug-Travel
From: "Matt Darnell" <mdarnell@xxxxxxxxxxx>
Date: Tue Jan 21 00:24:53 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

> 2. It appears to use components of the "RaQFuCk.sh" script by core
> http://www.securiteam.com/exploits/5MP0R0A80K.html, which attempts a
> symlink attack using cron through the exploitation of an suid
> /usr/lib/authenticate on the Cobalt Raq.


What about :

 # Effects: <= apache-1.3.20-RaQ4_1C3 (AFAIK all Cobalt Linux Apache ;)
# Quick Fix: su - root -c "chmod 755 /usr/lib/authenticate" 

Is that something to do?

-Matt

Follow-Ups:
- Re: [cobalt-users] Fwd: [cobalt-security] Bug-Travel
  - From: Bruce Timberlake

References:
- [cobalt-users] Fwd: [cobalt-security] Bug-Travel
  - From: Bruce Timberlake

Prev by Date: Re: [cobalt-users] OT-Accounting/Billing
Next by Date: Re: [cobalt-users] Fwd: [cobalt-security] Bug-Travel
Previous by thread: [cobalt-users] Fwd: [cobalt-security] Bug-Travel
Next by thread: Re: [cobalt-users] Fwd: [cobalt-security] Bug-Travel

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index