RSS   Vulnerabilities for 'Mantrap'   RSS

2001-01-09
 
CVE-2000-1146

 

 
Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd.

 
 
CVE-2000-1145

 

 
Recourse ManTrap 1.6 allows attackers who have gained root access to use utilities such as crash or fsdb to read /dev/mem and raw disk devices to identify ManTrap processes or modify arbitrary data files.

 
 
CVE-2000-1144

 

 
Recourse ManTrap 1.6 sets up a chroot environment to hide the fact that it is running, but the inode number for the resulting "/" file system is higher than normal, which allows attackers to determine that they are in a chroot environment.

 
 
CVE-2000-1143

 

 
Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris system, which allows attackers to determine that they are in a honeypot system.

 
 
CVE-2000-1142

 

 
Recourse ManTrap 1.6 generates an error when an attacker cd's to /proc/self/cwd and executes the pwd command, which allows attackers to determine that they are in a honeypot system.

 
 
CVE-2000-1141

 

 
Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear in the /proc listing, which allows attackers to determine that they are in a honeypot system.

 
 
CVE-2000-1140

 

 
Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to determine that they are in a honeypot system by comparing the results from kill commands with the process listing in the /proc filesystem.

 


Copyright 2024, cxsecurity.com

 

Back to Top