December 12, 2002
Sun's Cobalt Linux Servers Open to Attack
Today, Sun and CERT announced that many of Sun's Cobalt RaQ 4 Linux servers can be completely taken over by a local user or via the Internet. Ironically, the vulnerability is only present if the vendor's optional "Security Hardening Package" is installed. The package is quite popular and is installed on a large percentage of these servers.