mailing list archives
Re: Access right escalation / severe permission problems on Raritan Console Servers
From: spam () drwetter org
Date: 3 Jul 2005 15:11:53 -0000
the second fix FCR7787 was released @ http://www.raritan.com/support/sup_upgrades.aspx.
FCR7551 was withdrawn.
As opposed to FCR7551 FCR7787 locks the remaining account sshd (with busybox' passwd -l). In fact it does a few exec
calls (2xadduser,2xdeluser,2xpasswd). It doesn't resolve the permission problems on /etc/shadow and /bin/busybox
Though asking politely the vendor again didn't notify me of the fix.
Dr. Dirk Wetter http://drwetter.org
Consulting IT-Security + Open Source
Key fingerprint = 80A2 742B 8195 969C 5FA6 6584 8B6E 59C1 E41B 9153
- Re: Access right escalation / severe permission problems on Raritan Console Servers spam (Jul 04)