5144279 2000-05-29 23:43 /38 lines/ Postmaster
Recipient: Bugtraq (import) <11057>
Subject: Corel Linux Default Install
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: BUGTRAQ@SECURITYFOCUS.COM
X-Sender: jnickson@pop.together.net
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-ID: <3.0.3.32.20000529134945.006ba494@pop.together.net>
Date: Mon, 29 May 2000 13:49:45 -0400
Reply-To: j nickson <jnickson@TOGETHER.NET>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: j nickson <jnickson@TOGETHER.NET>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM

Upon its release (April) I ordered the minimum Corel Linux.

Its install is great for Windows users, and if they get their hands on it
they can get to Netscape on the web in 27 minutes.

If they accept the defaults, they also have a blank root password and
telnet server enabled.

I don't think I have to say much more for this list, but I'll add, and if
they have DSL, ... It is DDOS tra la, tra la, time.

I don't have the bucks to try their other two CDs but I'd expect the same,
wouldn't you?

I e-mailed Corel and got no response, that was about a month ago. It is
time to go public. . .

The thing is it is so totally stupid to have those defaults for an end user
system. I don't understand how they could have been so far off the mark.

J
-------------------------------------------------
James Nickson, j@RoninSG.com
voice: 603-256-8055 modem 603-256-8050
facsimile: (802)258-2444
(5144279) ------------------------------------------(Rewrapped)

5153905 2000-06-02 01:44 /42 lines/ Postmaster
Recipient: Bugtraq (import) <11096>
Subject: Re: Corel Linux Default Install
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: bugtraq@securityfocus.com
Message-ID: <200006011137.VAA01058@jawa.chilli.net.au>
Date: Tue, 1 Jun 0100 11:40:14 +0000
Reply-To: suid@SUID.KG
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: suid@SUID.KG
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM

It gets worse.

> > Upon its release (April) I ordered the minimum Corel Linux.
> >
> > Its install is great for Windows users, and if they get their hands on it
> > they can get to Netscape on the web in 27 minutes.
> >
> > If they accept the defaults, they also have a blank root password and
> > telnet server enabled.

You'll also notice that by default the system owner username you enter
makes up the default hostname. So telnet to a user running Corel Linux 1.1,
the login banner appears with the hostname such as:

    suid57 login:

In this case system owner username is "suid". If the user chooses to log in
as root and never access this account they are not forced to set a password.
It remains passwordless.

Once on the system the 2 exploits I discovered in Corel Linux 1.0 way back
in February 2000 still work. I posted these to bugtraq, corel and my own
website. No response from Corel.

www.suid.kg/advisories/ for these.

Looks to me like Corel aren't listening or don't care, perhaps both.

suid@suid.kg
(5153905) ------------------------------------------(Rewrapped)
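An added example, not part of either post: a small audit that flags the two defaults reported above, accounts with an empty password field and an enabled telnet service. It assumes the classic colon-separated /etc/shadow (or /etc/passwd) layout and an /etc/inetd.conf service table, which the posts do not confirm for Corel Linux; the sample file contents and function names are constructed for illustration.

```python
# Constructed sample data; not taken from a real Corel Linux system.
SAMPLE_SHADOW = """\
root::11000:0:99999:7:::
daemon:*:11000:0:99999:7:::
suid::11000:0:99999:7:::
alice:$1$abcdefgh$0123456789abcdefghijk.:11000:0:99999:7:::
"""
SAMPLE_INETD = """\
# /etc/inetd.conf (constructed)
telnet  stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.telnetd
#ftp    stream  tcp  nowait  root  /usr/sbin/tcpd  /usr/sbin/in.ftpd
"""

def active_lines(text):
    """Yield stripped lines that are neither blank nor commented out."""
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line

def empty_password_accounts(shadow_text):
    """Accounts whose second field is empty, i.e. login needs no password.
    '*' or '!' in that field means locked, which is not a finding."""
    names = []
    for line in active_lines(shadow_text):
        fields = line.split(":")
        if len(fields) >= 2 and fields[1] == "":
            names.append(fields[0])
    return names

def enabled_inetd_services(inetd_text):
    """Service names (first column) on uncommented inetd.conf lines."""
    return [line.split()[0] for line in active_lines(inetd_text)]

def audit(shadow_text, inetd_text):
    """Return (severity, message) findings. An empty password is rated
    CRITICAL when telnet is enabled, because it is then usable remotely."""
    telnet = "telnet" in enabled_inetd_services(inetd_text)
    findings = [("CRITICAL" if telnet else "HIGH",
                 f"account '{name}' has an empty password")
                for name in empty_password_accounts(shadow_text)]
    if telnet:
        findings.append(("HIGH", "telnet is enabled in inetd.conf"))
    return findings

if __name__ == "__main__":
    for severity, message in audit(SAMPLE_SHADOW, SAMPLE_INETD):
        print(severity, message)
```

On a real host, pass the contents of the actual files instead of the samples; reading /etc/shadow requires root.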