Cobalt Linux security problems...

[gossi () OWNED LAB6 COM (Gossi The Dog)]

There are two major problems with Cobalt Linux, used to drive the Cobalt
RaQ series of hardware (used by thousands of ISPs).

Both problems were tested against a Cobalt RaQ 3 with OS Update 3.0, which
was released on the 15th of June.  No updates have been released.

Problem 1) Linux Kernel Capabilities Bug.

--

This is a well known issue with the Linux Kernel, discovered on the 7th of
June.  Running
http://www.securityfocus.com/data/vulnerabilities/exploits/cap-procmail-sendmail.txt
on any Cobalt RaQ 3 box at the current time will get you an suid root
shell.  I am still awaiting a patch from Cobalt to resolve this.  The
problem has been confirmed on the Cobalt-Security mailing list by Cobalt.

Problem 2) Qpopper 2.53 is still being used, even with the latest Security
patches.
--

This leaves several holes open for exploitation - see SecurityFocus.com
for details.

The version of ProFTPd being used is also open to several attacks -
hopefully it won't take them as long to sort that.

Regards,

--

gossi the dog

email: gossi () owned lab6 com
irc:   gossi in #markthomas (efnet / irc.ins.net.uk)