I think you should be scared.This bug is known about one month now. And other exploits like this exist for kernels lower than 2.2.19 exist. These bugs has been discovered many months ago, and it seems like there is still no fix for cobalt systems. At 16:35 26-4-2001 -0400, you wrote: > > [admin@xx10 admin]$ ./prak /usr/sbin/traceroute > > bug exploited successfully. > > enjoy! > > bash# id > > bash# uid=0(root) gid=0(root) > > groups=27(admin),10(wheel),110(home),111(site-adm) > > bash# uname -a > > bash# Linux xx10.test.nl 2.2.16C24_III #1 Thu Mar 22 21:17:39 PST 2001 >i586 > > unknown > > bash# > > > > Yeah, i see its fixed. > >This almost scares me. _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24II... shimi
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216... Peter Batenburg
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24II... baltimoremd
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24II... Dennis Koster
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24II... shimi
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216... Dennis Koster
- RE: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24II... Ryan McAdams
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24II... Peter Batenburg
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24II... Gergo Soros
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216... Carrie Bartkowiak
- RE: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24II... Reinoud van Leeuwen
- RE: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24II... baltimoremd
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216... Joseph T. Mai
- Re: [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24II... kimbjork
- [cobalt-security] RaQ4-All-Kernel-1.0.1-2.216C24III.pk... G�tz Lohmann
