




Cobalt Networks -- Security Advisory -- 01.31.2000





Problem:
For RaQ 1 and RaQ 2:
Through improper permissions checking in
/.cobalt/siteUserMod/siteUserMod.cgi, any Site Administrator can change
the password of the admin (root) account on the system.

For RaQ 3:
Through improper permissions checking in
/.cobalt/siteUserMod/siteUserMod.cgi, any Site Administrator can change
the password of any regular user or Site Administrator on the system,
but not admin (root).

Bug and exploit by:
Chuck Pitre

Relevant products and architectures
Product         Architecture            Vulnerable
Qube1           MIPS                    No
Qube2           MIPS                    No
RaQ1            MIPS                    Yes
RaQ2            MIPS                    Yes
RaQ3            x86                     Yes

If your system is at risk, you can download the relevant package and
install it.  These are beta versions of the packages; Cobalt is
currently testing them.

RaQ 1 -
ftp://ftp.cobaltnet.com/pub/experimental/security/siteUserMod/RaQ1-Security-3.6.pkg

RaQ 2 -
ftp://ftp.cobaltnet.com/pub/experimental/security/siteUserMod/RaQ2-Security-2.94.pkg

RaQ 3 -
ftp://ftp.cobaltnet.com/pub/experimental/security/siteUserMod/RaQ3-Security-2.2.pkg

If you experience any problems with these packages please email
jeffb@cobalt.com or security@cobalt.com.

Jeff Bilicki
Software Engineer
Cobalt Networks
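
The permission check that the Problem section describes as missing, sketched as an added example. This is not Cobalt's code (the advisory does not show the source of siteUserMod.cgi); the role names, the Account record, the function names and the sample accounts are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Role names are assumptions modelled on the advisory's wording.
ADMIN, SITE_ADMIN, USER = "admin", "site_admin", "user"

@dataclass(frozen=True)
class Account:
    name: str
    role: str
    site: Optional[str]  # virtual site the account belongs to; None for admin

def may_change_password(actor: Account, target: Account) -> bool:
    """Server-side decision: may `actor` set `target`'s password?"""
    if actor.name == target.name:
        return True    # assumption: every account may change its own password
    if actor.role == ADMIN:
        return True    # the system admin manages every account
    if actor.role != SITE_ADMIN:
        return False   # regular users manage nobody else
    if target.role == ADMIN:
        return False   # RaQ 1 / RaQ 2 case: Site Administrator -> admin (root)
    # RaQ 3 case: the target must live on the Site Administrator's own site.
    return actor.site is not None and actor.site == target.site

def handle_request(session_user: str, form_user: str,
                   accounts: Dict[str, Account]) -> str:
    """Look both parties up in server-side records (never trust a role or
    site supplied in the form) and check before changing anything."""
    actor, target = accounts.get(session_user), accounts.get(form_user)
    if actor is None or target is None:
        return "denied"
    return "changed" if may_change_password(actor, target) else "denied"

def allowed_pairs(accounts: Dict[str, Account]) -> List[Tuple[str, str]]:
    """Full actor/target matrix, for reviewing the policy after a patch."""
    return sorted((a, t) for a in accounts for t in accounts
                  if a != t and handle_request(a, t, accounts) == "changed")

# Constructed sample accounts (not taken from any real system).
ACCOUNTS = {a.name: a for a in [
    Account("admin", ADMIN, None),
    Account("alice", SITE_ADMIN, "www.example.com"),
    Account("bob", USER, "www.example.com"),
    Account("carol", SITE_ADMIN, "www.example.org"),
    Account("dave", USER, "www.example.org"),
]}
```

Enumerating the whole matrix with allowed_pairs() after installing a fix shows at a glance whether any Site Administrator can still reach admin or an account on another site.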

