Bugtraq mailing list archives
Re: -froot??? (AIX rlogin bug)
From: drussell () gisws6 rtpnc epa gov (DFRussell)
Date: Mon, 1 Aug 1994 08:37:51 -0400
|ericw () fx com (Eric Wedaa) writes: | |> Someone over on the firewalls mailing list just threw out this tidbit: |> |> rlogin aix.machine -l -froot |> |> For instance: |> |> rlogin foobar -l -froot |> |> This gives you root access on any AIX 3.2.X machine. |> |> Does anyone have any history on this trapdoor? Apparently |> it also existed in Linux several generations ago. |> | |That's a bit old, and I believe IBM has at least an "unofficial" fix for |it now. This was patched quite some time ago... The APAR # is IX44254 -- it is available through "fixdist" via aix.boulder.ibm.com. |I run some Linux systems, and I haven't seen the problem in any of the |Linux 1.x releases. | |b |-- |# Baba Z Buehler |# Beckman Institute Systems Services, Urbana Illinois |# |# "How come that big box of bright ideas you sent |# me is the one they say fell off the truck?" -- Butch Hancock |# |# WWW: http://www.beckman.uiuc.edu/groups/biss/people/baba/ |# PGP Public Key available via finger baba () beckman uiuc edu |
Current thread:
- Re: -froot??? (AIX rlogin bug) Bill Heiser (Aug 01)
- Re: -froot??? (AIX rlogin bug) irvdwijk () cs vu nl (Aug 01)
- SunOs bug G.J.W. Hagenaars (Aug 02)
- The things you can find with Mosaic Daniel R Ehrlich (Aug 02)
- vixie cron Jonathan M. Bresler (Aug 02)
- Re: vixie cron Ollivier ROBERT (Aug 03)
- <Possible follow-ups>
- Re: -froot??? (AIX rlogin bug) DFRussell (Aug 01)
- Re: -froot??? (AIX rlogin bug) Derik Jarne x353-2490 (Aug 01)