[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] hack recovery question

Subject: Re: [cobalt-users] hack recovery question
From: "Andy Clyde, oxfordmusic.net" <cobalt-users@xxxxxxxxxxxxxxx>
Date: Thu Mar 27 14:48:35 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

> >Cobalt Linux 6.0 Local Root Exploit, Vixie Cron, not sure what's it full
> >name is
> >
> >(via the /usr/lib/authenticate file, and yes i know i could have easily
> >fixed this with a chmod, i did it on my other 2 servers but not this one.
> >will be kicking my self for ever)
>
>
> fix it how?
>

chmod 755 /usr/lib/authenticate

is the quick fix. i applied it on my other servers but not this one. i
believe this has been discussed on the list before...

andy

ps in /home/tmp/.dev/c.sh which i belive to be one of his files he even
mentions this fix. don't know if this is more worrying (he knows about it
and is trying other exploits) or less worrying (he's not malicious, he just
wants to break in and leave his mark)

References:
- Re: [cobalt-users] hack recovery question
  - From: Mailing List
- Re: [cobalt-users] hack recovery question
  - From: David Lucas

Prev by Date: RE: [cobalt-users] hack recovery question
Next by Date: RE: [cobalt-users] RE: RaQ3i - Sendmail 8.9.3 configuration issues
Previous by thread: Re: [cobalt-users] hack recovery question
Next by thread: RE: [cobalt-users] hack recovery question

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index