Signature Detail

HTTP: Cobalt RaQ 4 Security Hardening Update Discovery Request

This signature detects attempts to identify Cobalt RaQ 4 servers with the Security Hardening Update installed. The Secure Hardening Update contains vulnerabilities that attackers can exploit to execute arbitrary commands.

Extended Description

The RaQ4 is a server appliance distributed and maintained by Sun Microsystems. A vulnerability has been reported in the web administration interface of the RaQ4. It is possible for a remote attacker to execute commands. By passing malicious email parameter to the vulnerable CGI script, commands are carried out in the security context of the administration server. This vulnerability only affects RaQ4 servers with the RaQ4 Security Hardening Package (SHP) installed. The SHP is not installed by default.

Affected Products

• Cobalt RaQ 4.0.0
• Sun Cobalt RaQ 4

References

• BugTraq: 6326
• CVE: CVE-2002-1361
• URL: http://www.security.nnov.ru/search/news.asp?binid=2463
• URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-49377-1