Penetration Testing mailing list archives
Re: [PEN-TEST] Cobalt Raq II - Unprotected Admin Pages
From: Cory Michal <cmichal () NEW RR COM>
Date: Sun, 25 Mar 2001 21:18:06 -0600
RaQ4's are not vulnerable. They seem to have .htaccess in place where they should be.

Cory

On Sun, 25 Mar 2001, H D Moore wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On the topic of RAQ's, I thought I would throw this one out. On older RAQ installs (maybe new ones too, haven't checked), you can access a couple of items in the administration interface without logging in:

Current system load: /cgi-bin/.cobalt/cpuUsage/loadavg.cgi
Legato Backup Server: /cgi-bin/.cobalt/networker/networker.cgi
Telnet Usage: /cgi-bin/.cobalt/telnetUsage/telnetUsage.cgi
Yikes. This appears to indeed work on RaQ2's. It doesn't work on RaQ3's - there are correct .htaccess files in place, which require the admin password to access the relevant pages. Of course, that relies on the system administrator changing the admin password... I don't have a RaQ4i to check this, however I'd presume it's patched there. I'll forward this mail on to Cobalt (now owned by Sun Microsystems) security to make sure they actually know (since they've fixed the issue in later versions of the OS I'd presume so).

Gossi.
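A small probe for the three CGI paths named in the thread, added here as an example; it is not code from the thread, from Cobalt or from Sun. It requests each path with no credentials and reports whether the box behaves like the RaQ2 (page served, 200), like the RaQ3/RaQ4 with .htaccess in place (authentication demanded, 401/403), or something else. Redirects are deliberately not followed, so a 302 to a login page is not mistaken for an exposed page. The host name in the usage line is a placeholder, and the mapping of status codes to verdicts is this script's own assumption rather than anything the thread states. The fetcher is injectable so the logic can be exercised without a live RaQ.

```python
"""Probe a Cobalt RaQ for admin CGIs reachable without logging in.

Added example, not code from the mailing-list thread or from Cobalt/Sun.
The three paths are the ones listed in the thread; the target host in the
usage line is a placeholder; the status-code interpretation is an
assumption of this script.
"""
import sys
import urllib.error
import urllib.request

# CGI paths named in the thread (display name -> path on the RaQ).
ADMIN_CGIS = {
    "Current system load": "/cgi-bin/.cobalt/cpuUsage/loadavg.cgi",
    "Legato Backup Server": "/cgi-bin/.cobalt/networker/networker.cgi",
    "Telnet Usage": "/cgi-bin/.cobalt/telnetUsage/telnetUsage.cgi",
}


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Refuse to follow redirects: a 302 to a login form must not count as 200."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # makes urllib raise HTTPError carrying the 3xx code


_OPENER = urllib.request.build_opener(_NoRedirect)


def http_status(url, timeout=10):
    """Unauthenticated GET of url; return the HTTP status code (3xx/4xx/5xx included)."""
    req = urllib.request.Request(url, headers={"User-Agent": "raq-admin-check"})
    try:
        with _OPENER.open(req, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as exc:
        return exc.code


def classify(status):
    """Map a status code to a verdict (assumed mapping, see module docstring).

    200        -> page served with no credentials (what the thread saw on RaQ2)
    401 / 403  -> .htaccess or equivalent is demanding authentication
    404        -> CGI not present on this box
    3xx        -> sent elsewhere; look at it by hand
    """
    if status == 200:
        return "EXPOSED"
    if status in (401, 403):
        return "protected"
    if status == 404:
        return "absent"
    if 300 <= status < 400:
        return "redirect"
    return "unknown"


def check_host(base_url, fetch=http_status):
    """Return {name: (status, verdict)} for every admin CGI under base_url."""
    base = base_url.rstrip("/")
    results = {}
    for name, path in ADMIN_CGIS.items():
        status = fetch(base + path)
        results[name] = (status, classify(status))
    return results


def exposed(results):
    """Names of CGIs that answered 200 without credentials, sorted."""
    return sorted(name for name, (_, verdict) in results.items() if verdict == "EXPOSED")


if __name__ == "__main__":
    # Placeholder target; pass the RaQ's base URL as the first argument.
    target = sys.argv[1] if len(sys.argv) > 1 else "http://raq.example.net"
    for name, (status, verdict) in check_host(target).items():
        print(f"{status:>3} {verdict:<9} {name}")
```

Run it as `python raq_check.py http://<raq-host>`; any line marked EXPOSED is the RaQ2 behaviour described above. A "protected" verdict only shows that an authentication challenge is in place, not that the admin password has been changed from the default, which is the separate caveat raised in the thread.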
Current thread:
- Re: [PEN-TEST] Cobalt Raq II - Unprotected Admin Pages Cory Michal (Mar 25)