Have a question, I have had SolarSpeed install their firewall on two of our cobalts both RAQ4r's, should we be ok or are we still vuln to this SHP HACK?
Thanks, Bernie--- ----- Original Message ----- From: "E.B. Dreger" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, December 06, 2002 12:14 PM Subject: RE: [cobalt-security] FW: script kiddie own a cobalt? >was Cobalt RaQ4 Remote root exploit > SR> Date: Fri, 06 Dec 2002 15:05:36 +0000 > SR> From: Steve Root > > > SR> Surely that is only once they have a command line / terminal > SR> prompt though? > > No. > > > SR> They would have to get past one of the user passwords first? > > Not at all. A remote root exploit means one runs a magic program > that "picks the lock" and gives root access. > > Check out L0pht, Phrack, 2600, or Google for "stack overflow", > "format string", and "race conditions". There are many good > tutorials that explain how these things work. Many of them > assume one is familiar with assembly language and computer > architecture, though... > > > Eddy > -- > Brotsman & Dreger, Inc. - EverQuick Internet Division > Bandwidth, consulting, e-commerce, hosting, and network building > Phone: +1 (785) 865-5885 Lawrence and [inter]national > Phone: +1 (316) 794-8922 Wichita > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Date: Mon, 21 May 2001 11:23:58 +0000 (GMT) > From: A Trap <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Please ignore this portion of my mail signature. > > These last few lines are a trap for address-harvesting spambots. > Do NOT send mail to <[EMAIL PROTECTED]>, or you are likely to > be blocked. > > _______________________________________________ > cobalt-security mailing list > [EMAIL PROTECTED] > http://list.cobalt.com/mailman/listinfo/cobalt-security > _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
