Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

[ Cobalt ] Security Advisory -- 01.31.2000

From: jeffb () COBALTNET COM (Jeff Bilicki)
Date: Mon, 31 Jan 2000 09:43:04 -0800

Cobalt Networks -- Security Advisory -- 01.31.2000

Problem:
For RaQ 1 and RaQ 2:
Through improper permissions checking in
/.cobalt/siteUserMod/siteUserMod.cgi, any Site Administrator can change
the password of the admin (root) account on the system.

For RaQ 3:
Through improper permissions checking in
/.cobalt/siteUserMod/siteUserMod.cgi, any Site Administrator can change
the password of any regular user or Site Administrator on the system,
but not admin(root).

Bug and exploit buy:
Chuck Pitre <chuck () oa net>

Relevant products and architectures
Product         Architecture            Vulnerable
Qube1           MIPS                    No
Qube2           MIPS                    No
RaQ1            MIPS                    Yes
RaQ2            MIPS                    Yes
RaQ3            x86                     Yes

If your system is at risk you can you can downloaded the relevant
package and install it.  These are beta versions of the packages, Cobalt
is currently testing these packages.

RaQ 1 -
ftp://ftp.cobaltnet.com/pub/experimental/security/siteUserMod/RaQ1-Security-3.6.pkg

RaQ 2 -
ftp://ftp.cobaltnet.com/pub/experimental/security/siteUserMod/RaQ2-Security-2.94.pkg

RaQ 3 -
ftp://ftp.cobaltnet.com/pub/experimental/security/siteUserMod/RaQ3-Security-2.2.pkg

If you experience any problems with these packages please email
jeffb () cobalt com or security () cobalt com.

Jeff Bilicki
Software Engineer
Cobalt Networks
Previous By Date Next
Previous By Thread Next

Current thread: