Bugtraq mailing list archives
Re: Cobalt RaQ 3 security hole?
From: jellis () DSIGB COM (Joshua Ellis)
Date: Thu, 20 Jul 2000 16:24:27 -0500
WTF? Is it standard for Cobalt servers to compile Apache with the BIG_SECURITY_HOLE flag and run admserv as root/root? Is this just a local issue, something whoever installed this on the server did initially? . . . I highly suspect this is not an issue with all Cobalt RaQ 3's, because someone else would have had to come across this. Can anyone clue me in on what I did wrong, if anything?
That's the standard RaQ install. If you do a /usr/sbin/http -V you'll see "-D BIG_SECURITY_HOLE". It's how their mod_perl-based admin modules work. If you look in /usr/lib/perl5/site_perl/5.005/Cobalt you'll see they modify a lot of files writable only by root, and HUP a lot of processes owned by root... Apache has to be running as root for you to do that.

Unsafe? Potentially. It's a good idea to NOT have port 81 flapping in the breeze with those RaQ boxes. The scary thing is how many of these boxes you can find with a few well-crafted queries to altavista or alltheweb.com.

-joshua

---
======[S-D-G]==============================[-0.809016994]====
Joshua Ellis
Dynamic Software, Inc.
jellis () dsigb com
Phone: 920/432-4454 ext.30
http://www.dsigb.com
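
The check described in the message above, written out as an added example that is not part of the original post and is not Cobalt's or Apache's code. Apache only allows `User root` when it was built with `-D BIG_SECURITY_HOLE`, so the sketch looks for that flag in `-V` output and then for root User/Group directives and a non-loopback port 81 listener in the config; the function names, finding labels and sample inputs are hypothetical and constructed.

```shell
#!/bin/sh
# Added audit sketch, not Cobalt's or Apache's code. Function names, finding
# labels and sample inputs are hypothetical / constructed for illustration.

# Reads `-V` output of the server binary on stdin; succeeds if the flag is set.
has_big_security_hole() {
    grep -Eq -e '-D[ ]*BIG_SECURITY_HOLE([^A-Z_]|$)'
}

# Reads an Apache config on stdin; prints one finding per line.
conf_findings() {
    awk '
        /^[ \t]*#/ { next }                       # skip comment lines
        { key = tolower($1) }                     # directives are case-insensitive
        key == "user"  && ($2 == "root" || $2 == "#0") { print "user-root" }
        key == "group" && ($2 == "root" || $2 == "#0") { print "group-root" }
        key == "listen" || key == "port" {
            n = split($2, p, ":")                 # Listen takes [addr:]port
            if (p[n] != "81") next
            if (n == 1 || p[1] == "*" || p[1] == "0.0.0.0")
                print "port81-all-interfaces"
            else if (p[1] != "127.0.0.1")
                print "port81-on-" p[1]
        }
    '
}

# Constructed sample of `-V` output (trimmed to the relevant lines).
sample_httpd_v() {
cat <<'EOF'
Server compiled with....
 -D HAVE_MMAP
 -D BIG_SECURITY_HOLE
EOF
}

# Constructed sample of an admin-server config running as root/root on port 81.
sample_conf() {
cat <<'EOF'
# constructed example
User root
Group root
Listen 81
EOF
}

# Demo on the samples; on a real host feed in the binary's -V output and config.
if sample_httpd_v | has_big_security_hole; then
    echo "compiled-with-BIG_SECURITY_HOLE"
fi
sample_conf | conf_findings
```

A loopback-only `Listen 127.0.0.1:81` produces no port finding, which matches the advice above about not leaving port 81 reachable from outside.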