Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Access right escalation / severe permission problems on Raritan Console Servers
From: spam () drwetter org
Date: 3 Jul 2005 15:11:53 -0000

Hi,

the second fix FCR7787 was released @ http://www.raritan.com/support/sup_upgrades.aspx.
FCR7551 was withdrawn.

As opposed to FCR7551 FCR7787 locks the remaining account sshd (with busybox' passwd -l). In fact it does a few exec 
calls (2xadduser,2xdeluser,2xpasswd). It doesn't resolve the permission problems on /etc/shadow and /bin/busybox 
though. 

Though asking politely the vendor again didn't notify me of the fix. 

Cheers,
       Dirk

-----

Dr. Dirk Wetter http://drwetter.org

Consulting IT-Security + Open Source 

Key fingerprint = 80A2 742B 8195 969C 5FA6 6584 8B6E 59C1 E41B 9153



  By Date           By Thread  

Current thread:
  • Re: Access right escalation / severe permission problems on Raritan Console Servers spam (Jul 04)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault