Michael Stauber wrote:

> Everyone with a Sun Cobalt ControlStation should pull up the drawbridge and
> firewall the Apache ports 80, 81, 443 and 444. Or power the thing down as
> fast as you can.
>
> I have just gotten my ControlStation hacked due to a vulnerability in the GUI.
> Fortunately my IDS stuff caught it reasonably quickly before any damage could
> be done.
>
> The problem is apparently that a particular page in the GUI is accessible
> without authentication and can be tricked into spawning a rootshell.
Is this problem isolated to the Sun Cobalt Control Station, or does it affect the RaQ 550 and other Cobalt machines too? (They also come with lax security checks on admin pages.)

I wonder whether the problem remains in their new Sun Control Station offering... It seems to be based on the same code and system? http://wwws.sun.com/software/controlstation/

--anders

PS. Would it be possible to patch just that page in PHP, by adding the required authentication checks to the GUI?

_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
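The PS above asks whether a page could be patched in PHP by adding the missing authentication check. The following is an added illustration of what such a guard looks like in general; it is not Cobalt's or Sun's code, and nothing about the real GUI's internals is known here. The session key `admin_user`, the login URL `/login.php` and the file name `require_admin_auth.php` are assumptions, and it is written for current PHP rather than the PHP version that shipped on the appliance. The defensive point it makes is that the check has to run before any page logic, on every admin page, not just the one that was found exposed.

```php
<?php
// require_admin_auth.php -- hypothetical guard, included at the very top of every
// admin page so that no page logic runs for an unauthenticated request.
// Assumption: the login page stores the admin's user name in $_SESSION['admin_user']
// after a successful login. That key and the login URL below are placeholders.

function require_admin_auth(string $login_url = '/login.php'): void
{
    if (session_status() !== PHP_SESSION_ACTIVE) {
        // Cookie-only, HttpOnly session: the session id cannot be supplied in
        // the query string and is not readable from page scripts.
        ini_set('session.use_only_cookies', '1');
        ini_set('session.cookie_httponly', '1');
        session_start();
    }

    $user = $_SESSION['admin_user'] ?? null;
    if (!is_string($user) || $user === '') {
        // Not logged in: deny before anything else happens, without echoing
        // any request data back, and make sure the response is not cached.
        if (!headers_sent()) {
            header('Cache-Control: no-store');
            header('Location: ' . $login_url, true, 302);
        }
        exit;
    }
}

require_admin_auth();

// Usage: every admin page starts with the line below, before any output or
// any code that touches the system:
//   require_once __DIR__ . '/require_admin_auth.php';
```

Including the guard with `require_once` at the top of each page is what makes it hard to forget one; a page that is reachable without that include is exactly the kind of gap described in the original report. On a web server that can be configured to auto-prepend a file for every script, the same guard can be applied to the whole admin directory rather than page by page, which removes the dependence on each author remembering the include.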