[15674] in bugtraq
Cobalt Linux security problems...
daemon@ATHENA.MIT.EDU (Gossi The Dog)
Fri Jul 7 14:37:36 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.21.0007060940220.24757-100000@owned.lab6.com>
Date: Thu, 6 Jul 2000 22:05:23 +0100
Reply-To: Gossi The Dog <gossi@OWNED.LAB6.COM>
From: Gossi The Dog <gossi@OWNED.LAB6.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
There are two major problems with Cobalt Linux, used to drive the Cobalt
RaQ series of hardware (used by thousands of ISPs).
Both problems were tested against a Cobalt RaQ 3 with OS Update 3.0, which
was released on the 15th of June. No updates have been released.
Problem 1) Linux Kernel Capabilities Bug.
--
This is a well known issue with the Linux Kernel, discovered on the 7th of
June. Running
http://www.securityfocus.com/data/vulnerabilities/exploits/cap-procmail-sendmail.txt
on any Cobalt RaQ 3 box at the current time will get you an suid root
shell. I am still awaiting a patch from Cobalt to resolve this. The
problem has been confirmed on the Cobalt-Security mailing list by Cobalt.
Problem 2) Qpopper 2.53 is still being used, even with the latest Security
patches.
--
This leaves several holes open for exploitation - see SecurityFocus.com
for details.
The version of ProFTPd being used is also open to several attacks -
hopefully it won't take them as long to sort that.
Regards,
--
gossi the dog
email: gossi@owned.lab6.com
irc: gossi in #markthomas (efnet / irc.ins.net.uk)
