HTTP: Cobalt RaQ 4 Security Hardening Update Discovery Request
This signature detects attempts to identify Cobalt RaQ 4 servers with the Security Hardening Update installed. The Secure Hardening Update contains vulnerabilities that attackers can exploit to execute arbitrary commands.
Extended Description
The RaQ4 is a server appliance distributed and maintained by Sun Microsystems. A vulnerability has been reported in the web administration interface of the RaQ4. It is possible for a remote attacker to execute commands. By passing malicious email parameter to the vulnerable CGI script, commands are carried out in the security context of the administration server. This vulnerability only affects RaQ4 servers with the RaQ4 Security Hardening Package (SHP) installed. The SHP is not installed by default.
Affected Products
Sun cobalt_raq_4
Short Name
HTTP:COBALT:SEC-REQ-PROBE
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
4 CVE-2002-1361 Cobalt Discovery Hardening RaQ Request Security Update bid:6326
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Sun
Cobalt
CVSS Score
10.0