Bugtraq mailing list archives
Cobalt Linux security problems...
From: gossi () OWNED LAB6 COM (Gossi The Dog)
Date: Thu, 6 Jul 2000 22:05:23 +0100
There are two major problems with Cobalt Linux, used to drive the Cobalt RaQ series of hardware (used by thousands of ISPs). Both problems were tested against a Cobalt RaQ 3 with OS Update 3.0, which was released on the 15th of June. No updates have been released. Problem 1) Linux Kernel Capabilities Bug. -- This is a well known issue with the Linux Kernel, discovered on the 7th of June. Running http://www.securityfocus.com/data/vulnerabilities/exploits/cap-procmail-sendmail.txt on any Cobalt RaQ 3 box at the current time will get you an suid root shell. I am still awaiting a patch from Cobalt to resolve this. The problem has been confirmed on the Cobalt-Security mailing list by Cobalt. Problem 2) Qpopper 2.53 is still being used, even with the latest Security patches. -- This leaves several holes open for exploitation - see SecurityFocus.com for details. The version of ProFTPd being used is also open to several attacks - hopefully it won't take them as long to sort that. Regards, -- gossi the dog email: gossi () owned lab6 com irc: gossi in #markthomas (efnet / irc.ins.net.uk)
Current thread:
- Cobalt Linux security problems... Gossi The Dog (Jul 06)