![[LWN Logo]](/images/lwn.banner.gif)
Date: Mon, 31 Jan 2000 09:43:04 -0800 From: Jeff Bilicki <jeffb@COBALTNET.COM> Subject: [ Cobalt ] Security Advisory -- 01.31.2000 To: BUGTRAQ@SECURITYFOCUS.COM Cobalt Networks -- Security Advisory -- 01.31.2000 Problem: For RaQ 1 and RaQ 2: Through improper permissions checking in /.cobalt/siteUserMod/siteUserMod.cgi, any Site Administrator can change the password of the admin (root) account on the system. For RaQ 3: Through improper permissions checking in /.cobalt/siteUserMod/siteUserMod.cgi, any Site Administrator can change the password of any regular user or Site Administrator on the system, but not admin(root). Bug and exploit buy: Chuck Pitre <chuck@oa.net> Relevant products and architectures Product Architecture Vulnerable Qube1 MIPS No Qube2 MIPS No RaQ1 MIPS Yes RaQ2 MIPS Yes RaQ3 x86 Yes If your system is at risk you can you can downloaded the relevant package and install it. These are beta versions of the packages, Cobalt is currently testing these packages. RaQ 1 - ftp://ftp.cobaltnet.com/pub/experimental/security/siteUserMod/RaQ1-Security-3.6.pkg RaQ 2 - ftp://ftp.cobaltnet.com/pub/experimental/security/siteUserMod/RaQ2-Security-2.94.pkg RaQ 3 - ftp://ftp.cobaltnet.com/pub/experimental/security/siteUserMod/RaQ3-Security-2.2.pkg If you experience any problems with these packages please email jeffb@cobalt.com or security@cobalt.com. Jeff Bilicki Software Engineer Cobalt Networks