Cobalt RaQ4 Remote root exploit

From: grazer@digit-labs.org
Date: Thu Dec 05 2002 - 13:38:42 PST

Next message: Seth Knox: "Sygate Personal Firewall can be shut down without a need to suppl y"

Previous message: Dan Rowles: "[Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I've attached an exploit that will allow an attacker to gain remote
root access on Cobalt RaQ's which have the security hardening package
installed (SHP).

the official patch for this problem can be found here :
http://ftp.cobalt.sun.com/pub/packages/raq4/eng/RaQ4-en-Security-2.0.1-SHP_REM.pkg


Wouter ter Maat aka grazer@digit-labs.org
http://www.i-security.nl

TEXT/x-csrc attachment: raqrewt.c

Next message: Seth Knox: "Sygate Personal Firewall can be shut down without a need to suppl y"
Previous message: Dan Rowles: "[Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Dec 05 2002 - 14:01:13 PST