5260772 2000-07-07 20:37 /48 rader/ Postmaster Mottagare: Bugtraq (import) <11632> Ärende: Cobalt Linux security problems... ------------------------------------------------------------ Approved-By: aleph1@SECURITYFOCUS.COM Delivered-To: bugtraq@lists.securityfocus.com Delivered-To: BUGTRAQ@SECURITYFOCUS.COM MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Message-ID: <Pine.LNX.4.21.0007060940220.24757-100000@owned.lab6.com> Date: Thu, 6 Jul 2000 22:05:23 +0100 Reply-To: Gossi The Dog <gossi@OWNED.LAB6.COM> Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM> From: Gossi The Dog <gossi@OWNED.LAB6.COM> To: BUGTRAQ@SECURITYFOCUS.COM There are two major problems with Cobalt Linux, used to drive the Cobalt RaQ series of hardware (used by thousands of ISPs). Both problems were tested against a Cobalt RaQ 3 with OS Update 3.0, which was released on the 15th of June. No updates have been released. Problem 1) Linux Kernel Capabilities Bug. -- This is a well known issue with the Linux Kernel, discovered on the 7th of June. Running http://www.securityfocus.com/data/vulnerabilities/exploits/cap-procmail-sendmail.txt on any Cobalt RaQ 3 box at the current time will get you an suid root shell. I am still awaiting a patch from Cobalt to resolve this. The problem has been confirmed on the Cobalt-Security mailing list by Cobalt. Problem 2) Qpopper 2.53 is still being used, even with the latest Security patches. -- This leaves several holes open for exploitation - see SecurityFocus.com for details. The version of ProFTPd being used is also open to several attacks - hopefully it won't take them as long to sort that. Regards, -- gossi the dog email: gossi@owned.lab6.com irc: gossi in #markthomas (efnet / irc.ins.net.uk) (5260772) ------------------------------------------(Ombruten)