[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Raq550: Serious Security Issue

Subject: Re: [cobalt-users] Raq550: Serious Security Issue
From: "John D. Gorena" <Support@xxxxxxxxxxxxxxxxxxx>
Date: Mon Mar 31 08:22:01 2003
Organization: http://www.JMG-Enterprises.com
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

"John D. Gorena" wrote:
> 
> One of my virtual hosting clients informed me that he can see any site Administrator login.
> 
> After he logs into his site at www.domainname.com/login, he then can change the Site number in the
> URL and see another site's administrative GUI console.  With full administrative privileges too.
> 
> I tried this on two different Raq550's.  Both have all the updates.  Both allow me to cross the
> access areas with no problems.  Has anyone else reported this and is there a fix in the works?  Is
> there a fix now?
> 
> John
> 


In additions to the above... They have viewing rights but can't create a new user.

John

References:
- [cobalt-users] Raq550: Serious Security Issue
  - From: John D. Gorena

Prev by Date: [cobalt-users] Raq550: Serious Security Issue
Next by Date: RE: [cobalt-users] Raq550: Serious Security Issue
Previous by thread: [cobalt-users] Raq550: Serious Security Issue
Next by thread: RE: [cobalt-users] Raq550: Serious Security Issue

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index